From 80ff1ae02a1080594433494fcf99e5e8ca470584 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 10 Dec 2020 14:38:12 +0100
Subject: switch to next snapshot version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 21 files changed, 21 insertions(+), 21 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 5a743549b..adfb2aa4f 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.5</version>
+		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 72d5b51d7..50075abfe 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.5</version>
+		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 28d0b3f68..e8b194f3f 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.5</version>
+		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 545a9d953..452a566bf 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.5</version>
+		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index 85857cd59..ac60b89a4 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 427bab738..2ad6199a9 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index e4441dc95..8bc49354d 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index b1dd44779..2668b4f97 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index b826597e9..1df8e5824 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index 9764a8ee6..3b583d69e 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index e3cc3cb52..4db2aa3ad 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 45fd97508..eabb1fc18 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index 46b645403..be7a15d89 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 131ae455b..a7a4dad1b 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 0dccba648..1f7606e1d 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index d0869994b..dbf91dccf 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 1148ab31c..049da3a4e 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index d2cd5686e..87ae74148 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.5</version>
+    <version>4.1.6-SNAPSHOT</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 5b19d44c0..aef322b1e 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.5</version>
+		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index d2bce7b0d..fb8c5c5df 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.5</version>
+		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index e9fb44b80..8b1dd5b4b 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.5</version>
+        <version>4.1.6-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From d9366a3cdbc4cbcbd9900aacca53ea23f69990d0 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 19 Feb 2021 09:32:02 +0100
Subject: add missing certificates into truststore

---
 ...remium-Sig-05.20141215-20141209.SerNo165fb8.crt | 36 ----------------------
 ...remium-Sig-05.20141215-20241209.SerNo165fb8.crt | 36 ++++++++++++++++++++++
 2 files changed, 36 insertions(+), 36 deletions(-)
 delete mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt
 create mode 100644 id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt

(limited to 'id/server')

diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt
deleted file mode 100644
index ee17cdb80..000000000
--- a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20141209.SerNo165fb8.crt
+++ /dev/null
@@ -1,36 +0,0 @@
------BEGIN CERTIFICATE-----
-MIIGQTCCBCmgAwIBAgIDFl+4MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB
-VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
-bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl
-c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx
-MjE1MTMxMDE5WhcNMjQxMjA5MTIxMDE5WjCBoTELMAkGA1UEBhMCQVQxSDBGBgNV
-BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry
-LiBEYXRlbnZlcmtlaHIgR21iSDEjMCEGA1UECwwaYS1zaWduLVRlc3QtUHJlbWl1
-bS1TaWctMDUxIzAhBgNVBAMMGmEtc2lnbi1UZXN0LVByZW1pdW0tU2lnLTA1MIIC
-IDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAq9PRwApA35K3LT0p5IYtNZMS
-BFJsIkzjgF4FRQ36PtxeNsPL6iPgfFjWLZzVT1arHrC6ciz97haDWEN5Jq+aVaZp
-gvFtvqZXlwYOWP0sshQg1aP7zrfH/N6yqjkrXHyzgmSz3SVIbdj5CqUJz/+94FCR
-cA8XkQ3WZAjSkRB+MSIY8umftkmJOVAstaG28OEtpmqwBLRh/QGcNZzfhyrPS2Ls
-5BAKQW9SBb1nXn8JOHq0Bd8zHShHbny9X/qT0xqeFfwItZWiW7iu3LgbGqfB3J4d
-s+9iecwHDsmYdSb2quGmzJXejmvktFZte9dlF7BuBqier+R3/czdLteRems5S9Ka
-hlP3+f3CnFwKihyVMhnuf5HyhCo1Fvrt+igWtNnos38qzB5RzRTJXnvZyrtTJMQE
-/8ZuV2B12Oaf0AQjt+o/SPKeaTBX2yes0S1xbQy7xJzNhgBJ2Ir3OI6SoOooVN+9
-kQuzD7NsJBJzIy4dHCvOgs0C1ro8DROaV3Usn58eYOkLDrPGpEBmFq7GnsxnbeEh
-5zzlgh00R9cy5PxiO40U+KxnTmQl+/vc9i1plDLsTRePeThKgS0UOIRZP7voYKdu
-IJaEzufNXUxZbCc9Mq3V552BmRPhL9Ouf/bfaVMmkY4p7BdU57stxDfVwG9biujj
-AVPA7DeRm+S0kzWRq0kCAQOjgY0wgYowPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov
-L2NybC5hLXRydXN0LmF0L2NybC9BLVRydXN0LVRlc3QtUm9vdC0wNTATBgNVHSME
-DDAKgAhEL/sUCZKJ0DAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhB0SNOEjM1
-3jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAEiqm52uEL2giMCy
-8i1tIbqKP3SeJnYxhJgN4d3caWqfE1CoEUQjsN8t7sF866TOYJMrQ+/dS8bUqNiG
-x4vvPrDq3DUSyKflgPaz+36xtB4BTlIiYTzio7Tnv+d5n+MsM6c/rijJzRx38FLM
-tZTAfr7dXv5KxrfYrrEnPrGg0gMlYqX3rB1TKQnPx5qG3e2YXc6tdvDeXhh9cXj3
-76VJony7iV0ccKWNXRRNx1X0po/Luu6EMD/5czArtmO0KmGXO3gK3Fy7pxUbdBra
-nSJNsY+Fv4X3zqf5n9ZM4Yut7KSqBiQbuMmIzLZkICJOWN5t9mOTStgmZjGqBdQN
-sRuVinaLxA88Fd32ZmFxbagOLeKEXPTQT/ERbDOjhShY6jA2/LkIcg9mwDDOubsp
-FcZaYlyXmvD+HNVxL5B4BGDWoGHmCxaj+bcYP4U797bpE90sTnMIQd6JoYEMQSIy
-Re0S4jKIOkCqBDkPBIXZf/IizTvJiQoFUtT7civFYhcUHDOcWs69NUU3F6sEBZmq
-C1uIRm7zD6FUPNpVcfVIeqcfWsnx5bSKwheh9Dk/A3eTmxjpodV4tIq6BfCLdq52
-85dumPB4zz/EmCuZ0hwy9/TJwaogVMqicvr1/pQXDM7T6fCM0vK9w/e4ejmX61TK
-6MsTXFjxlwpIacl4fkAxk6L22xfB
------END CERTIFICATE-----
diff --git a/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt
new file mode 100644
index 000000000..ee17cdb80
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-spss/trustProfiles/MOAIDBuergerkarteAuthentisierungsDatenMitTestkarten/a-sign-Test-Premium-Sig-05.20141215-20241209.SerNo165fb8.crt
@@ -0,0 +1,36 @@
+-----BEGIN CERTIFICATE-----
+MIIGQTCCBCmgAwIBAgIDFl+4MA0GCSqGSIb3DQEBCwUAMIGVMQswCQYDVQQGEwJB
+VDFIMEYGA1UECgw/QS1UcnVzdCBHZXMuIGYuIFNpY2hlcmhlaXRzc3lzdGVtZSBp
+bSBlbGVrdHIuIERhdGVudmVya2VociBHbWJIMR0wGwYDVQQLDBRBLVRydXN0LVRl
+c3QtUm9vdC0wNTEdMBsGA1UEAwwUQS1UcnVzdC1UZXN0LVJvb3QtMDUwHhcNMTQx
+MjE1MTMxMDE5WhcNMjQxMjA5MTIxMDE5WjCBoTELMAkGA1UEBhMCQVQxSDBGBgNV
+BAoMP0EtVHJ1c3QgR2VzLiBmLiBTaWNoZXJoZWl0c3N5c3RlbWUgaW0gZWxla3Ry
+LiBEYXRlbnZlcmtlaHIgR21iSDEjMCEGA1UECwwaYS1zaWduLVRlc3QtUHJlbWl1
+bS1TaWctMDUxIzAhBgNVBAMMGmEtc2lnbi1UZXN0LVByZW1pdW0tU2lnLTA1MIIC
+IDANBgkqhkiG9w0BAQEFAAOCAg0AMIICCAKCAgEAq9PRwApA35K3LT0p5IYtNZMS
+BFJsIkzjgF4FRQ36PtxeNsPL6iPgfFjWLZzVT1arHrC6ciz97haDWEN5Jq+aVaZp
+gvFtvqZXlwYOWP0sshQg1aP7zrfH/N6yqjkrXHyzgmSz3SVIbdj5CqUJz/+94FCR
+cA8XkQ3WZAjSkRB+MSIY8umftkmJOVAstaG28OEtpmqwBLRh/QGcNZzfhyrPS2Ls
+5BAKQW9SBb1nXn8JOHq0Bd8zHShHbny9X/qT0xqeFfwItZWiW7iu3LgbGqfB3J4d
+s+9iecwHDsmYdSb2quGmzJXejmvktFZte9dlF7BuBqier+R3/czdLteRems5S9Ka
+hlP3+f3CnFwKihyVMhnuf5HyhCo1Fvrt+igWtNnos38qzB5RzRTJXnvZyrtTJMQE
+/8ZuV2B12Oaf0AQjt+o/SPKeaTBX2yes0S1xbQy7xJzNhgBJ2Ir3OI6SoOooVN+9
+kQuzD7NsJBJzIy4dHCvOgs0C1ro8DROaV3Usn58eYOkLDrPGpEBmFq7GnsxnbeEh
+5zzlgh00R9cy5PxiO40U+KxnTmQl+/vc9i1plDLsTRePeThKgS0UOIRZP7voYKdu
+IJaEzufNXUxZbCc9Mq3V552BmRPhL9Ouf/bfaVMmkY4p7BdU57stxDfVwG9biujj
+AVPA7DeRm+S0kzWRq0kCAQOjgY0wgYowPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDov
+L2NybC5hLXRydXN0LmF0L2NybC9BLVRydXN0LVRlc3QtUm9vdC0wNTATBgNVHSME
+DDAKgAhEL/sUCZKJ0DAPBgNVHRMBAf8EBTADAQH/MBEGA1UdDgQKBAhB0SNOEjM1
+3jAOBgNVHQ8BAf8EBAMCAQYwDQYJKoZIhvcNAQELBQADggIBAEiqm52uEL2giMCy
+8i1tIbqKP3SeJnYxhJgN4d3caWqfE1CoEUQjsN8t7sF866TOYJMrQ+/dS8bUqNiG
+x4vvPrDq3DUSyKflgPaz+36xtB4BTlIiYTzio7Tnv+d5n+MsM6c/rijJzRx38FLM
+tZTAfr7dXv5KxrfYrrEnPrGg0gMlYqX3rB1TKQnPx5qG3e2YXc6tdvDeXhh9cXj3
+76VJony7iV0ccKWNXRRNx1X0po/Luu6EMD/5czArtmO0KmGXO3gK3Fy7pxUbdBra
+nSJNsY+Fv4X3zqf5n9ZM4Yut7KSqBiQbuMmIzLZkICJOWN5t9mOTStgmZjGqBdQN
+sRuVinaLxA88Fd32ZmFxbagOLeKEXPTQT/ERbDOjhShY6jA2/LkIcg9mwDDOubsp
+FcZaYlyXmvD+HNVxL5B4BGDWoGHmCxaj+bcYP4U797bpE90sTnMIQd6JoYEMQSIy
+Re0S4jKIOkCqBDkPBIXZf/IizTvJiQoFUtT7civFYhcUHDOcWs69NUU3F6sEBZmq
+C1uIRm7zD6FUPNpVcfVIeqcfWsnx5bSKwheh9Dk/A3eTmxjpodV4tIq6BfCLdq52
+85dumPB4zz/EmCuZ0hwy9/TJwaogVMqicvr1/pQXDM7T6fCM0vK9w/e4ejmX61TK
+6MsTXFjxlwpIacl4fkAxk6L22xfB
+-----END CERTIFICATE-----
-- 
cgit v1.2.3


From 43f633a0b7ed8cfd73fce79560627fd5040abcc8 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 22 Apr 2021 15:02:54 +0200
Subject: remove code for MOA-ID 1.x proxy

---
 id/server/proxy/pom.xml                            | 152 ---------------------
 .../proxy/src/main/webapp/META-INF/MANIFEST.MF     |   2 -
 id/server/proxy/src/main/webapp/WEB-INF/web.xml    |  82 -----------
 .../proxy/src/main/webapp/errorpage-proxy.jsp      |  50 -------
 id/server/proxy/src/main/webapp/message-proxy.jsp  |  20 ---
 5 files changed, 306 deletions(-)
 delete mode 100644 id/server/proxy/pom.xml
 delete mode 100644 id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF
 delete mode 100644 id/server/proxy/src/main/webapp/WEB-INF/web.xml
 delete mode 100644 id/server/proxy/src/main/webapp/errorpage-proxy.jsp
 delete mode 100644 id/server/proxy/src/main/webapp/message-proxy.jsp

(limited to 'id/server')

diff --git a/id/server/proxy/pom.xml b/id/server/proxy/pom.xml
deleted file mode 100644
index 4a18f6b2e..000000000
--- a/id/server/proxy/pom.xml
+++ /dev/null
@@ -1,152 +0,0 @@
-<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
-	<parent>
-		<groupId>MOA.id</groupId>
-		<artifactId>moa-id</artifactId>
-		<version>4.0.1-snapshot</version>
-	</parent>
-	
-	<properties>
-		<repositoryPath>${basedir}/../../../repository</repositoryPath>
-	</properties>
-	
-	<repositories>
-		<repository>
-			<id>shibboleth.internet2.edu</id>
-			<name>Internet2</name>
-			<url>https://apps.egiz.gv.at/shibboleth_nexus/</url>
-		</repository>
-	</repositories>
-	
-	<modelVersion>4.0.0</modelVersion>
-	<groupId>MOA.id.server</groupId>
-	<artifactId>moa-id-proxy</artifactId>
-	<version>${moa-id-proxy-version}</version>
-	<packaging>war</packaging>
-	<name>MOA ID-Proxy WebService</name>
-	
-	<build>
-		<plugins>
-<!-- 				        <plugin>
-            		<groupId>org.codehaus.mojo</groupId>
-            		<artifactId>properties-maven-plugin</artifactId>
-            		<version>1.0-alpha-2</version>
-            		<executions>
-                		<execution>
-                    		<phase>initialize</phase>
-                    		<goals>
-                        		<goal>read-project-properties</goal>
-                    		</goals>
-                    		<configuration>
-    	                   		<files>
-		                            <file>${basedir}/../../../moa-id.properties</file>
-      		                  </files>
-          		          </configuration>
-              		  </execution>
-            		</executions>
-        		</plugin> -->
-		
-			<plugin>
-				<groupId>org.apache.maven.plugins</groupId>
-				<artifactId>maven-war-plugin</artifactId>
-				<version>2.1.1</version>
-				<!-- <version>2.0.2</version>-->
-				<configuration>
-					<archive>
-						<manifest>
-							<addDefaultSpecificationEntries>false</addDefaultSpecificationEntries>
-							<addDefaultImplementationEntries>true</addDefaultImplementationEntries>
-						</manifest>
-						<addMavenDescriptor>false</addMavenDescriptor>
-					</archive>
-<!--
-					<webResources>
-						<resource>
-							<directory>${basedir}/../resources</directory>
-							<targetPath>WEB-INF/classes/resources</targetPath>
-						</resource>
-						<resource>
-							<directory>${basedir}/../services</directory>
-							<targetPath>WEB-INF/classes/META-INF/services</targetPath>
-						</resource>
-					</webResources>
--->
-				</configuration>
-			</plugin>
-      <plugin>
-	      <groupId>org.apache.maven.plugins</groupId>
-        <artifactId>maven-compiler-plugin</artifactId>
-        <configuration>
-  	      <source>1.7</source>
-          <target>1.7</target>
-        </configuration>
-      </plugin>
-		</plugins>
-	</build>
-
-	<dependencies>
-		<!-- we need Axis 1.1 here, 1.0 is included in SPSS -->
-		<dependency>
-			<groupId>axis</groupId>
-			<artifactId>axis</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>MOA.spss.server</groupId>
-			<artifactId>moa-spss-lib</artifactId>
-		</dependency>
-		<dependency>
-			<groupId>MOA.id.server</groupId>
-			<artifactId>moa-id-lib</artifactId>
-			<!--version>${project.version}</version-->
-		</dependency>
-		<!-- transitive dependencies we don't want to include into the war -->
-		<dependency>
-			<groupId>iaik.prod</groupId>
-			<artifactId>iaik_jce_full</artifactId>
-			<!-- should be in the ext directory of the jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>iaik.prod</groupId>
-			<artifactId>iaik_ecc</artifactId>
-			<!-- should be in the ext directory of the jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>iaik.prod</groupId>
-			<artifactId>iaik_Pkcs11Provider</artifactId>
-			<!-- should be in the ext directory of the jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>iaik.prod</groupId>
-			<artifactId>iaik_Pkcs11Wrapper</artifactId>
-			<!-- should be in the ext directory of the jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>xalan-bin-dist</groupId>
-			<artifactId>xalan</artifactId>
-			<!-- should be provided by the container or jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>xerces</groupId>
-			<artifactId>xercesImpl</artifactId>
-			<!-- should be provided by the container or jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>xalan-bin-dist</groupId>
-			<artifactId>xml-apis</artifactId>
-			<!-- should be provided by the container or jre -->
-			<scope>provided</scope>
-		</dependency>
-		<dependency>
-			<groupId>xalan-bin-dist</groupId>
-			<artifactId>serializer</artifactId>
-			<!-- should be provided by the container or jre -->
-			<scope>provided</scope>
-		</dependency>
-	</dependencies>
-
-</project>
diff --git a/id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF b/id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF
deleted file mode 100644
index 58630c02e..000000000
--- a/id/server/proxy/src/main/webapp/META-INF/MANIFEST.MF
+++ /dev/null
@@ -1,2 +0,0 @@
-Manifest-Version: 1.0
-
diff --git a/id/server/proxy/src/main/webapp/WEB-INF/web.xml b/id/server/proxy/src/main/webapp/WEB-INF/web.xml
deleted file mode 100644
index 57926f207..000000000
--- a/id/server/proxy/src/main/webapp/WEB-INF/web.xml
+++ /dev/null
@@ -1,82 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE web-app PUBLIC '-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN' 'http://java.sun.com/dtd/web-app_2_3.dtd'>
-<web-app>
-	<display-name>MOA ID Proxy</display-name>
-	<description>MOA ID Proxy Service</description>
-
-	<filter>
-		<filter-name>ParameterInOrder Filter</filter-name>
-		<filter-class>at.gv.egovernment.moa.id.util.ParameterInOrderFilter</filter-class>
-	</filter>
-	<filter-mapping>
-		<filter-name>ParameterInOrder Filter</filter-name>
-		<url-pattern>/*</url-pattern>
-	</filter-mapping>
-
-	<servlet>
-		<servlet-name>Proxy</servlet-name>
-		<display-name>Proxy</display-name>
-		<description>Forwards requests to the online application</description>
-		<servlet-class>at.gv.egovernment.moa.id.proxy.servlet.ProxyServlet</servlet-class>
-		<load-on-startup>0</load-on-startup>
-	</servlet>
-	<servlet>
-		<servlet-name>ConfigurationUpdate</servlet-name>
-		<display-name>ConfigurationUpdate</display-name>
-		<description>Update MOA-ID Proxy configuration from the configuration file</description>
-		<servlet-class>at.gv.egovernment.moa.id.proxy.servlet.ConfigurationServlet</servlet-class>
-	</servlet>
-	
-	<!-- JSP servlet -->
-	<servlet>
-        <servlet-name>jspservlet</servlet-name>
-        <servlet-class>org.apache.jasper.servlet.JspServlet</servlet-class>
-    </servlet>
-    
-	<!-- servlet mapping for jsp pages -->
-	<!-- errorpage.jsp (customizeable) -->
-	<servlet-mapping>
-        <servlet-name>jspservlet</servlet-name>
-        <url-pattern>/errorpage-proxy.jsp</url-pattern>
-    </servlet-mapping>		
-    <!-- message-proxy.jsp (customizeable) used for non error messages (e.g. ConfigurationUpdate) -->
-	<servlet-mapping>
-        <servlet-name>jspservlet</servlet-name>
-        <url-pattern>/message-proxy.jsp</url-pattern>
-    </servlet-mapping>		
-
-	<servlet-mapping>
-		<servlet-name>ConfigurationUpdate</servlet-name>
-		<url-pattern>/ConfigurationUpdate</url-pattern>
-	</servlet-mapping>
-	<servlet-mapping>
-		<servlet-name>Proxy</servlet-name>
-		<url-pattern>/*</url-pattern>
-	</servlet-mapping>
-	<session-config>
-		<session-timeout>30</session-timeout>
-	</session-config>
-	<error-page>
-		<error-code>500</error-code>
-		<location>/errorpage-proxy.jsp</location>
-	</error-page>
-	<security-constraint>
-		<web-resource-collection>
-			<web-resource-name>ConfigurationUpdate</web-resource-name>
-			<url-pattern>/ConfigurationUpdate</url-pattern>
-		</web-resource-collection>
-		<auth-constraint>
-			<role-name>moa-admin</role-name>
-		</auth-constraint>
-	</security-constraint>
-	<login-config>
-		<auth-method>BASIC</auth-method>
-		<realm-name>UserDatabase</realm-name>
-	</login-config>
-	<security-role>
-		<description>
-		    The role that is required to log in to the moa Application
-  		</description>
-		<role-name>moa-admin</role-name>
-	</security-role>
-</web-app>
diff --git a/id/server/proxy/src/main/webapp/errorpage-proxy.jsp b/id/server/proxy/src/main/webapp/errorpage-proxy.jsp
deleted file mode 100644
index 07f3e7f69..000000000
--- a/id/server/proxy/src/main/webapp/errorpage-proxy.jsp
+++ /dev/null
@@ -1,50 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>Ein Fehler ist aufgetreten</title>
-</head>
-<% Throwable exceptionThrown = (Throwable)request.getAttribute("ExceptionThrown");
-   String errorMessage = (String)request.getAttribute("ErrorMessage");
-   String wrongParameters = (String)request.getAttribute("WrongParameters");
-%>
-
-<body>
-<h1>Fehler bei der Anmeldung</h1>
-<p>Bei der Anmeldung ist ein Fehler aufgetreten.</p>
-
-<% if (errorMessage != null) { %>
-<p>
-<%= errorMessage%><br>
-</p>
-<% } %>
-<% if (exceptionThrown != null) { %>
-<p> 
-<%= exceptionThrown.getMessage()%>
-</p>
-<% } %>
-<% if (wrongParameters != null) { %>
-<p>Die Angabe der Parameter ist unvollst&auml;ndig.<br></p>
-<b> <%= wrongParameters %> </b><br>
-<p>
-   Beispiele f&uuml;r korrekte Links zur MOA-ID Authentisierung sind:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?Target=&lt;Gesch&auml;ftsbereich&gt;&amp;OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-Im Falle einer Applikation aus dem privatwirtschaftlichen Bereich (type="businessService") entf&auml;llt die Angabe des <i>Target</i> Parameters:
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/StartAuthentication?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>
-<tt>&lt;a href="https://&lt;MOA-URL&gt;/SelectBKU?OA=&lt;OA-URL&gt;&amp;Template=&lt;Template-URL&gt;&amp;BKUSelectionTemplate=&lt;BKU-Template-URL&gt;&quot;&gt;</tt>
-</p>
-<p>Die Angabe der Parameter <tt>&quot;Template&quot;</tt> und <tt>&quot;BKUSelectionTemplate&quot;</tt> ist optional.</p>
-<% } %>
-</body>
-</html>
\ No newline at end of file
diff --git a/id/server/proxy/src/main/webapp/message-proxy.jsp b/id/server/proxy/src/main/webapp/message-proxy.jsp
deleted file mode 100644
index 0d970898a..000000000
--- a/id/server/proxy/src/main/webapp/message-proxy.jsp
+++ /dev/null
@@ -1,20 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
-<%@ page contentType="text/html; charset=UTF-8" %>
-<html>
-<head>
-<title>MOA-ID Proxy</title>
-</head>
-<% String message = (String)request.getAttribute("Message");
-%>
-
-<body>
-<h1>MOA-ID Proxy</h1>
-
-<% if (message != null) { %>
-<p>
-<%= message%><br>
-</p>
-<% } %>
-
-</body>
-</html>
\ No newline at end of file
-- 
cgit v1.2.3


From 7c0b889c2eab8734f890c2a53175852422760416 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 1 Jun 2021 20:30:08 +0200
Subject: add dummy authentication-modul that loads eID information from local
 configuration

---
 id/server/auth-edu/pom.xml                         |   7 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml  |  41 +++++
 .../auth/dummy/ConfigurationProperties.java        |  58 +++++++
 .../auth/dummy/DummyIdentityAuthModule.java        | 152 +++++++++++++++++
 .../DummyIdentityAuthSpringResourceProvider.java   |  62 +++++++
 .../auth/dummy/service/DummyIdentityService.java   | 182 +++++++++++++++++++++
 .../task/InjectDummyIdentityInformationTask.java   | 134 +++++++++++++++
 ...iz.components.spring.api.SpringResourceProvider |   1 +
 .../main/resources/dummy_identity_auth.process.xml |  16 ++
 .../resources/moaid_dummy_identity_auth.beans.xml  |  23 +++
 .../modules/auth/dummy/test/BeanCreationTest.java  |  67 ++++++++
 .../dummy/test/DummyIdentityAuthModuleTest.java    | 117 +++++++++++++
 ...ummyIdentityAuthSpringResourceProviderTest.java |  55 +++++++
 .../auth/dummy/test/DummyIdentityServiceTest.java  |  48 ++++++
 .../InjectDummyIdentityInformationTaskTest.java    |  92 +++++++++++
 .../auth/dummy/test/dummy/DummyAuthConfigMap.java  | 136 +++++++++++++++
 .../src/test/resources/config/config1.properties   |   6 +
 .../src/test/resources/config/config2.properties   |   5 +
 .../src/test/resources/config/idlstore/idl_1.json  |   6 +
 .../src/test/resources/config/idlstore/idl_2.json  |   6 +
 .../config/idlstore/idl_invalid_json_1.json        |   6 +
 .../config/idlstore/idl_invalid_json_2.json        |   7 +
 .../config/idlstore/idl_invalid_json_3.json        |   8 +
 .../config/idlstore/idl_missing_attr.json          |   5 +
 .../config/idlstore/idl_wrong_extension.txt        |   6 +
 .../resources/test_dummy_identity_auth.beans.xml   |  20 +++
 .../test_dummy_identity_auth_lazy.beans.xml        |  27 +++
 id/server/modules/pom.xml                          |   4 +-
 28 files changed, 1295 insertions(+), 2 deletions(-)
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/pom.xml
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml
 create mode 100644 id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index adfb2aa4f..42e035c7a 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -207,7 +207,12 @@
 			<groupId>MOA.id.server.modules</groupId>
 			<artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
 		</dependency>				
-		
+
+    <dependency>
+			<groupId>MOA.id.server.modules</groupId>
+       <artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
+    </dependency>
+    
 		<dependency>
 			<groupId>MOA.id.server.modules</groupId>				
 		 	<artifactId>moa-id-module-sl20_authentication</artifactId>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
new file mode 100644
index 000000000..42b8ca775
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -0,0 +1,41 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>MOA.id.server.modules</groupId>
+		<artifactId>moa-id-modules</artifactId>
+		<version>4.1.6-SNAPSHOT</version>
+	</parent>
+	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
+	<description>Module for dummy authentication in MOA-ID</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>at.gv.egiz.eaaf</groupId>
+			<artifactId>eaaf_core_utils</artifactId>
+			<scope>test</scope>
+			<type>test-jar</type>
+		</dependency>
+		<dependency>
+			<groupId>at.gv.egiz.eaaf</groupId>
+			<artifactId>eaaf-core</artifactId>
+			<scope>test</scope>
+			<type>test-jar</type>
+		</dependency>
+	</dependencies>
+
+
+
+</project>
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java
new file mode 100644
index 000000000..b42e5b0f7
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/ConfigurationProperties.java
@@ -0,0 +1,58 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import java.util.Collection;
+import java.util.Set;
+
+import com.google.common.collect.Sets;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+
+public class ConfigurationProperties {
+
+  // configuration properties
+  private static final String MODULE_PREFIX = "modules.dummyauth.";
+  
+  public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
+  public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
+  public static final String PROP_MODULE_IDENTITY_STORE_PATH = MODULE_PREFIX + "identity.store.path";
+  
+  // http parameter
+  public static final String HTTP_PARAM_START_DUMMY_AUTH = "dummyauth";
+  
+  // configuration filetype
+  public static final String ALLOWED_FILE_TYPE = "json";
+  
+  
+  //minimum required attributes
+  public static final Collection<String> MINIMUM_REQ_ATTRIBUTES = Sets.newHashSet(
+      PVPAttributeDefinitions.BIRTHDATE_NAME,
+      PVPAttributeDefinitions.GIVEN_NAME_NAME,
+      PVPAttributeDefinitions.PRINCIPAL_NAME_NAME,
+      PVPAttributeDefinitions.BPK_NAME);  
+  
+  private ConfigurationProperties() {
+    // hide constructor or static class
+  }
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
new file mode 100644
index 000000000..e2f550736
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthModule.java
@@ -0,0 +1,152 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import java.io.Serializable;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.auth.IAuthenticationManager;
+import at.gv.egiz.eaaf.core.api.idp.auth.modules.AuthModule;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class DummyIdentityAuthModule implements AuthModule {
+
+  private int priority = 2;
+
+  @Autowired(required = true)
+  protected IConfigurationWithSP authConfig;
+  @Autowired(required = true)
+  private IAuthenticationManager authManager;
+
+  private Collection<String> uniqueIDsDummyAuthEnabled;
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+   */
+  @Override
+  public int getPriority() {
+    return priority;
+  }
+
+  /**
+   * Sets the priority of this module. Default value is {@code 0}.
+   *
+   * @param priority The priority.
+   */
+  public void setPriority(int priority) {
+    this.priority = priority;
+  }
+
+  @PostConstruct
+  private void initialDummyAuthWhiteList() {    
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      Logger.info("AuthModule for 'dummy-identities' is enabled");
+      
+      // load allowed service-provider Id's
+      uniqueIDsDummyAuthEnabled = authConfig.getBasicConfigurationWithPrefix(
+          ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+          .filter(el -> StringUtils.isNotEmpty(el))
+          .collect(Collectors.toSet());
+
+      if (!uniqueIDsDummyAuthEnabled.isEmpty()) {
+        Logger.info("Dummy authentication is enabled for ....");
+        uniqueIDsDummyAuthEnabled.forEach(el -> Logger.info("   EntityID: " + el));
+
+      }
+
+      // TODO: do we need a selection parameter from external
+      authManager.addParameterNameToWhiteList(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH);
+      
+    } else {
+      uniqueIDsDummyAuthEnabled = Collections.emptySet();
+      Logger.info("AuthModule for 'dummy-identities' is disabled");
+      
+    }
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext)
+   */
+  @Override
+  public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+      Logger.trace("Check dummy-auth for SP: " + spEntityID);
+      if (uniqueIDsDummyAuthEnabled.contains(spEntityID)) {
+        final Serializable flagObj = context.get(ConfigurationProperties.HTTP_PARAM_START_DUMMY_AUTH);
+        if (flagObj instanceof String && Boolean.valueOf((String) flagObj)) {
+          Logger.info("Starting Dummy-Identity authentication for SP: " + spEntityID);
+          return "dummyIdentityAuthentication";
+
+        } else {
+          Logger.debug("Dummy-Identity authentication flag not 'true'. Skip it ... ");
+
+        }
+
+      } else {
+        Logger.debug("Unique SP-Id: " + spEntityID
+            + " is not in whitelist for Dummy-Identity authentication.");
+
+      }
+
+    } else {
+      Logger.trace("Dummy-Identity authentication is disabled");
+
+    }
+
+    return null;
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+   */
+  @Override
+  public String[] getProcessDefinitions() {
+    return new String[] { "classpath:/dummy_identity_auth.process.xml" };
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java
new file mode 100644
index 000000000..d8218b7f1
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/DummyIdentityAuthSpringResourceProvider.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class DummyIdentityAuthSpringResourceProvider implements SpringResourceProvider {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+	 */
+	@Override
+	public Resource[] getResourcesToLoad() {
+		ClassPathResource authConfig = new ClassPathResource("/moaid_dummy_identity_auth.beans.xml", DummyIdentityAuthSpringResourceProvider.class);							
+		return new Resource[] {authConfig};
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+	 */
+	@Override
+	public String[] getPackagesToScan() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Module for 'Dummy Authentication'";
+	}
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java
new file mode 100644
index 000000000..9bb961e47
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/service/DummyIdentityService.java
@@ -0,0 +1,182 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.service;
+
+import java.io.IOException;
+import java.nio.file.FileVisitOption;
+import java.nio.file.Files;
+import java.nio.file.Path;
+import java.nio.file.Paths;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.io.FilenameUtils;
+import org.apache.commons.lang3.RandomStringUtils;
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import com.fasterxml.jackson.annotation.JsonAutoDetect.Visibility;
+import com.fasterxml.jackson.annotation.PropertyAccessor;
+import com.fasterxml.jackson.databind.DeserializationFeature;
+import com.fasterxml.jackson.databind.ObjectMapper;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.FileUtils;
+import at.gv.egiz.eaaf.core.impl.utils.Random;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.ConfigurationProperties;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Service that holdes and selects dummy-identities for dummy-authentication.
+ * 
+ * @author tlenz
+ *
+ */
+public class DummyIdentityService {
+
+  @Autowired IConfiguration config;
+  
+  private List<Map<String, String>> availableIdentities = new ArrayList<>();
+  
+  
+  private static ObjectMapper jsonMapper = new ObjectMapper();
+    
+  static {
+    // initialize JSON Mapper
+    jsonMapper.configure(DeserializationFeature.FAIL_ON_READING_DUP_TREE_KEY, true);
+    jsonMapper.configure(DeserializationFeature.FAIL_ON_TRAILING_TOKENS, true);
+    jsonMapper.configure(DeserializationFeature.FAIL_ON_UNKNOWN_PROPERTIES, true);
+    jsonMapper.setVisibility(PropertyAccessor.ALL, Visibility.NONE);
+    jsonMapper.setVisibility(PropertyAccessor.GETTER, Visibility.PUBLIC_ONLY);
+    jsonMapper.setVisibility(PropertyAccessor.IS_GETTER, Visibility.PUBLIC_ONLY);
+    
+  }
+  
+  
+  /**
+   * Get an identity randomly from available identities.
+   * 
+   * @return Map of identity attributes
+   * @throws EAAFAuthenticationException In case of an empty identity store
+   */
+  public Map<String, String> getIdentityRandomly() throws EAAFAuthenticationException {
+    if (availableIdentities.isEmpty()) {
+      throw new EAAFAuthenticationException("builder.08", new Object[] {"No Dummy-Identity available"});
+      
+    }
+       
+
+    
+    int num = (int) (Math.random() * 1000000) % availableIdentities.size();
+    Logger.debug("Select element: " + num + " from dummy-identity store");    
+    return availableIdentities.get(num);
+                  
+  }
+  
+  /**
+   * Get number of available identity sets.
+   * 
+   * @return available dummy identities
+   */
+  public int getNumberOfLoadedIdentitySets( ) {
+    return availableIdentities.size();
+    
+  }
+  
+  
+  @PostConstruct
+  private void initialize() throws EAAFException {
+    try {
+      Logger.debug("Initializing Dummy-Identity authentication service ... ");           
+      
+      //get all files from datastore
+      Set<Path> identityConfigFiles = getAllFilesFromIdentityStore();
+      Logger.debug("Find #" + identityConfigFiles.size() + " files in identity-store. Starting identity extraction ... ");
+
+      //extract identity informations
+      identityConfigFiles.stream()
+          .filter(el -> FilenameUtils.isExtension(el.getFileName().toString(), ConfigurationProperties.ALLOWED_FILE_TYPE))
+          .forEach(el -> loadJson(el));
+        
+      Logger.info("Dummy-Identity authentication service contains #" + availableIdentities.size() + " data-sets");
+      
+    } catch (EAAFException e) {
+      handleError(e);
+      
+    } catch (IOException e) {
+      handleError(new EAAFException("config.05", 
+          new Object[] {ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH}, e));
+      
+    }           
+  }
+  
+  
+  private void loadJson(Path file) {    
+    try {
+      Logger.debug("Reading dummy-identity from file: " + file.getFileName() + " ... ");
+      Map<String, String> dummyEid = jsonMapper.readValue(file.toFile(), Map.class);
+                  
+      // check minimum required attributes      
+      ConfigurationProperties.MINIMUM_REQ_ATTRIBUTES.stream().forEach(
+          el -> { 
+            if (!dummyEid.containsKey(el)) {
+              throw new RuntimeException("dummy-identity from file: " + file.getFileName() + " missing attribute: " + el);
+              
+            } 
+          });
+            
+      Logger.debug("Add dummy-identity from file: " + file.getFileName());      
+      availableIdentities.add(dummyEid);
+      
+      
+    } catch (Exception e) {
+      Logger.warn("Can NOT read dummy-identity from file: " + file.getFileName() + " Identity will be skipped", e);
+            
+    }
+    
+  }
+
+
+  private Set<Path> getAllFilesFromIdentityStore() throws IOException, EAAFConfigurationException {
+    String identityStorePath = config.getBasicConfiguration(ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH);           
+    if (StringUtils.isEmpty(identityStorePath)) {
+      throw new EAAFConfigurationException("config.08", 
+          new Object[] {ConfigurationProperties.PROP_MODULE_IDENTITY_STORE_PATH});
+    
+    }     
+            
+    String absIdentityStorePath = FileUtils.makeAbsoluteURL(identityStorePath, config.getConfigurationRootDirectory());    
+    if (absIdentityStorePath.startsWith("file:")) {
+      absIdentityStorePath = absIdentityStorePath.substring("file:".length());
+      
+    }
+    
+    return Files.walk(Paths.get(absIdentityStorePath), FileVisitOption.FOLLOW_LINKS)
+        .filter(Files::isRegularFile)
+        .filter(Files::isReadable)
+        .collect(Collectors.toSet());
+    
+  }
+  
+  
+  private void handleError(EAAFException e) throws EAAFException {
+    if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      throw e;
+      
+    } else {
+      Logger.info("Dummy-Identity authentication is disabled. Ignore exception: " + e.getMessage());
+      
+    }
+    
+  }
+  
+  
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
new file mode 100644
index 000000000..8fed1c544
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
@@ -0,0 +1,134 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.task;
+
+import java.util.Map;
+import java.util.Map.Entry;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+@Component("InjectDummyIdentityInformationTask")
+public class InjectDummyIdentityInformationTask extends AbstractAuthServletTask {
+
+  @Autowired
+  IConfiguration moaAuthConfig;
+  @Autowired
+  DummyIdentityService service;
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext,
+   * javax.servlet.http.HttpServletRequest,
+   * javax.servlet.http.HttpServletResponse)
+   */
+  @Override
+  public void execute(ExecutionContext executionContext, HttpServletRequest request,
+      HttpServletResponse response)
+      throws TaskExecutionException {
+
+    try {
+      Logger.debug("Injecting user credentials for Dummy-Identity authentication ... ");
+      parseDemoValuesIntoMOASession(pendingReq);
+
+      // store MOASession into database
+      requestStoreage.storePendingRequest(pendingReq);
+
+    } catch (final MOAIDException e) {
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    } catch (final Exception e) {
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    }
+  }
+
+  /**
+   * @param pendingReq
+   * @param moaSession
+   * @throws MOAIDException
+   * @throws EAAFStorageException
+   * @throws EAAFAuthenticationException
+   */
+  private void parseDemoValuesIntoMOASession(IRequest pendingReq) throws MOAIDException, EAAFStorageException,
+      EAAFAuthenticationException {
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setForeigner(false);
+    moaSession.setQAALevel(PVPConstants.EIDAS_QAA_HIGH);
+
+    final Map<String, String> rawIdentity = service.getIdentityRandomly();
+
+    // add attributes into session
+    for (final Entry<String, String> el : rawIdentity.entrySet()) {
+      moaSession.setGenericDataToSession(el.getKey(), el.getValue());
+      Logger.debug("Add PVP-attribute " + el.getKey() + " into MOASession");
+
+    }
+
+    // set BKU URL
+    if (rawIdentity.containsKey(PVPAttributeDefinitions.EID_CCS_URL_NAME)) {
+      moaSession.setBkuURL(rawIdentity.get(PVPAttributeDefinitions.EID_CCS_URL_NAME));
+
+    } else {
+      moaSession.setBkuURL("http://egiz.gv.at/dummy-authentication");
+
+    }
+
+    // check if mandates are included
+    if (rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_NAME)
+        || rawIdentity.containsKey(PVPAttributeDefinitions.MANDATE_TYPE_OID_NAME)) {
+      Logger.debug("Find Mandate-Attributes in E-ID response. Switch to mandate-mode ... ");
+      moaSession.setUseMandates(true);
+
+    } else {
+      moaSession.setUseMandates(false);
+
+    }
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..a60db29cb
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthSpringResourceProvider
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml
new file mode 100644
index 000000000..d7351fbbd
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/dummy_identity_auth.process.xml
@@ -0,0 +1,16 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="dummyIdentityAuthentication" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+	<pd:Task id="dummyAuth"                            class="InjectDummyIdentityInformationTask" />
+	<pd:Task id="finalizeAuthentication" 			   class="FinalizeAuthenticationTask" />
+
+	<!-- Process is triggered either by GenerateIFrameTemplateServlet (upon bku selection) or by AuthenticationManager (upon legacy authentication start using legacy parameters. -->
+	<pd:StartEvent id="start" />
+	
+	<pd:Transition from="start" to="dummyAuth" />				
+	<pd:Transition from="dummyAuth" to="finalizeAuthentication" />	
+	<pd:Transition from="finalizeAuthentication"    to="end" />
+	
+	<pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml
new file mode 100644
index 000000000..5c2ea1176
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/resources/moaid_dummy_identity_auth.beans.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<bean id="dummyIdentityAuthModule" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule">
+		<property name="priority" value="4" />
+	</bean>
+ 					
+	<bean id="dummyIdentityService"
+		  class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService" /> 					
+ 						
+	<bean id="InjectDummyIdentityInformationTask" 
+		  class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.task.InjectDummyIdentityInformationTask"
+		  scope="prototype"/>
+																						
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java
new file mode 100644
index 000000000..7fa2eab93
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/BeanCreationTest.java
@@ -0,0 +1,67 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+import static org.junit.Assert.assertTrue;
+import static org.junit.Assert.fail;
+
+import org.junit.Assert;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.BeanCreationException;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.annotation.DirtiesContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_dummy_identity_auth_lazy.beans.xml" })
+public class BeanCreationTest {
+
+  @Autowired DummyAuthConfigMap config;
+  @Autowired ApplicationContext context;
+  
+  @Before
+  public void initialize() {
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(false));
+    
+  }
+  
+  @Test
+  public void authModuleDeactivated() {    
+    assertNotNull("AuthModule", context.getBean(DummyIdentityAuthModule.class));
+    
+  }
+  
+  @Test
+  @DirtiesContext
+  public void dummyIdentityServiceDisabled() {    
+    assertNotNull("IdentityService", context.getBean(DummyIdentityService.class));
+    
+  }
+  
+  @Test
+  @DirtiesContext
+  public void dummyIdentityServiceEnabled() {
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+        
+    try {
+      context.getBean(DummyIdentityService.class);
+      fail("Wrong config not detected");
+      
+    } catch (Exception e) {
+      assertTrue("wrong exception", e instanceof BeanCreationException);
+      
+    }
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java
new file mode 100644
index 000000000..37bb0d9b4
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthModuleTest.java
@@ -0,0 +1,117 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_dummy_identity_auth.beans.xml" })
+public class DummyIdentityAuthModuleTest {
+
+  @Autowired DummyAuthConfigMap config;
+  @Autowired DummyIdentityAuthModule module;
+  
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+  
+  @Before
+  public void initialize() {
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+    
+    ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(spConfig);
+        
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+        
+  }
+  
+  @Test
+  public void checkProcessDefinition() {    
+    String[] def = module.getProcessDefinitions();
+    
+    assertNotNull("no process definition", def);    
+    Arrays.asList(def).stream().forEach(
+        el -> DummyIdentityAuthModuleTest.class.getResourceAsStream(el));
+    
+  }
+  
+  
+  @Test
+  public void deactivated() {
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(false));
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void unknownServiceProvider() {    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void allowedServiceProviderButNotRequested() {    
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void allowedServiceProviderButWrongRequested() {    
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");    
+    context.put("dummyauth", 27);
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void allowedServiceProviderButFalseRequested() {    
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");    
+    context.put("dummyauth", "false");
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void allowedServiceProviderAndRequested() {    
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");    
+    context.put("dummyauth", "true");
+    
+    assertEquals("wrong authmethod identifier", "dummyIdentityAuthentication", 
+        module.selectProcess(context, pendingReq));
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java
new file mode 100644
index 000000000..0e9da9fea
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityAuthSpringResourceProviderTest.java
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthSpringResourceProvider;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class DummyIdentityAuthSpringResourceProviderTest {
+
+  @Test
+  public void testSpringConfig() {
+    final DummyIdentityAuthSpringResourceProvider test =
+        new DummyIdentityAuthSpringResourceProvider();
+    for (final Resource el : test.getResourcesToLoad()) {
+      try {
+        IOUtils.toByteArray(el.getInputStream());
+
+      } catch (final IOException e) {
+        Assert.fail("Ressouce: " + el.getFilename() + " not found");
+      }
+
+    }
+
+    Assert.assertNotNull("no Name", test.getName());
+    Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+  }
+
+  @Test
+  public void testSpILoaderConfig() {
+    final InputStream el = this.getClass().getResourceAsStream(
+        "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider");
+    try {
+      final String spiFile = IOUtils.toString(el, "UTF-8");
+
+      Assert.assertEquals("Wrong classpath in SPI file",
+          DummyIdentityAuthSpringResourceProvider.class.getName(), spiFile);
+
+
+    } catch (final IOException e) {
+      Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found");
+
+    }
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java
new file mode 100644
index 000000000..19a9fc72e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/DummyIdentityServiceTest.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.Map;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.exceptions.EAAFAuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_dummy_identity_auth.beans.xml" })
+public class DummyIdentityServiceTest {
+
+  @Autowired DummyIdentityService service;
+  
+  
+  @Test
+  public void numberOfLoadedIdentities() {
+    assertEquals("wrong number of identities in store", 3, service.getNumberOfLoadedIdentitySets());
+    
+  }
+  
+  @Test
+  public void getRandomIdentity() throws EAAFAuthenticationException {    
+    Map<String, String> idl = service.getIdentityRandomly();
+    
+    assertNotNull("idl", idl);
+    assertEquals("wrong number of attributes", 4, idl.size());
+        
+  }
+  
+  @Test
+  public void getManyRandomIdentity() throws EAAFAuthenticationException {        
+    for(int i=0; i<50; i++) {
+      assertNotNull("idl", service.getIdentityRandomly());
+      
+    }        
+  }    
+  
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java
new file mode 100644
index 000000000..5d41496e2
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/InjectDummyIdentityInformationTaskTest.java
@@ -0,0 +1,92 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.task.InjectDummyIdentityInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_dummy_identity_auth.beans.xml" })
+public class InjectDummyIdentityInformationTaskTest {
+
+  @Autowired InjectDummyIdentityInformationTask task;
+  @Autowired DummyAuthConfigMap config;
+  @Autowired IRequestStorage storage;
+  
+  protected MockHttpServletRequest httpReq;
+  protected MockHttpServletResponse httpResp;
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+  
+  @Before
+  public void initialize() {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+    
+    ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(spConfig);
+        
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+        
+  }
+  
+  @Test
+  public void injectIdentityData() throws TaskExecutionException, PendingReqIdValidationException {
+    
+    task.execute(pendingReq, context);
+    
+    // validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+    
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertNotNull("bkuUrl", moaSession.getBkuURL());    
+    assertEquals("missing attributes", 4, moaSession.getGenericSessionDataStorage().size());
+            
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 000000000..3c0f9edf1
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+  private Map<String, String> config = new HashMap<>();
+  
+  public DummyAuthConfigMap() {
+    
+  }
+  
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param configIs Property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(configIs);
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param path Path to property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final String path) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(this.getClass().getResourceAsStream(path));
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+
+  @Override
+  public String getBasicConfiguration(final String key) {
+    return config.get(key);
+
+  }
+
+  @Override
+  public String getBasicConfiguration(final String key, final String defaultValue) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return defaultValue;
+    } else {
+      return value;
+    }
+
+  }
+
+  @Override
+  public Boolean getBasicConfigurationBoolean(final String key) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return false;
+    } else {
+      return Boolean.valueOf(value);
+    }
+  }
+
+  @Override
+  public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+    return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+  }
+
+  @Override
+  public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+    return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+  }
+
+  @Override
+  public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public URI getConfigurationRootDirectory() {
+    return new java.io.File(".").toURI();
+
+  }
+
+  @Override
+  public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+    return null;
+  }
+
+  public void putConfigValue(final String key, final String value) {
+    config.put(key, value);
+  }
+
+  public void removeConfigValue(final String key) {
+    config.remove(key);
+
+  }
+
+
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties
new file mode 100644
index 000000000..18bd21df1
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config1.properties
@@ -0,0 +1,6 @@
+modules.dummyauth.enabled=true
+modules.dummyauth.identity.store.path=src/test/resources/config/idlstore/
+modules.dummyauth.sp.1=aaabbccddeeffgg
+modules.dummyauth.sp.2=yyasdfasfsa2323
+modules.dummyauth.sp.3=
+modules.dummyauth.sp.4=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties
new file mode 100644
index 000000000..d38ba692b
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/config2.properties
@@ -0,0 +1,5 @@
+modules.dummyauth.enabled=false
+modules.dummyauth.identity.store.path=notexit
+modules.dummyauth.sp.1=aaabbccddeeffgg
+modules.dummyauth.sp.2=yyasdfasfsa2323
+modules.dummyauth.sp.3=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json
new file mode 100644
index 000000000..4d927b7ad
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_1.json
@@ -0,0 +1,6 @@
+{
+  "urn:oid:2.5.4.42": "Max",
+  "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json
new file mode 100644
index 000000000..1cffdd696
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_2.json
@@ -0,0 +1,6 @@
+{
+  "urn:oid:2.5.4.42": "Susi",
+  "urn:oid:1.2.40.0.10.2.1.1.261.20": "Musterfrau",
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1950-02-02",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:zzyyxx99887dd"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json
new file mode 100644
index 000000000..ec1a4ba49
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_1.json
@@ -0,0 +1,6 @@
+{
+  "urn:oid:2.5.4.42": "Max"
+  "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json
new file mode 100644
index 000000000..71c2f654e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_2.json
@@ -0,0 +1,7 @@
+{
+  "urn:oid:2.5.4.42": {
+      "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann"
+  },
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json
new file mode 100644
index 000000000..29a245ca4
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_invalid_json_3.json
@@ -0,0 +1,8 @@
+{
+  "urn:oid:2.5.4.42": {
+      "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann"
+  },
+  "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json
new file mode 100644
index 000000000..2f241c291
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_missing_attr.json
@@ -0,0 +1,5 @@
+{
+  "urn:oid:2.5.4.42": "Max",
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt
new file mode 100644
index 000000000..4d927b7ad
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/config/idlstore/idl_wrong_extension.txt
@@ -0,0 +1,6 @@
+{
+  "urn:oid:2.5.4.42": "Max",
+  "urn:oid:1.2.40.0.10.2.1.1.261.20": "Mustermann",
+  "urn:oid:1.2.40.0.10.2.1.1.55": "1940-01-01",
+  "urn:oid:1.2.40.0.10.2.1.1.149": "GH:aaabbccddeeffgg"
+}
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml
new file mode 100644
index 000000000..cca27822e
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth.beans.xml
@@ -0,0 +1,20 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+	<import resource="classpath:/moaid_dummy_identity_auth.beans.xml" />
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config1.properties" />
+	</bean>
+ 					
+																						
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml
new file mode 100644
index 000000000..e818bd29c
--- /dev/null
+++ b/id/server/modules/moa-id-module-dummyAuth/src/test/resources/test_dummy_identity_auth_lazy.beans.xml
@@ -0,0 +1,27 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config2.properties" />
+	</bean>
+ 		
+	<beans default-lazy-init="true">
+		<bean id="dummyIdentityAuthModule" class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.DummyIdentityAuthModule">
+			<property name="priority" value="4" />
+		</bean>
+ 					
+		<bean id="dummyIdentityService"
+		  class="at.gv.egovernment.moa.id.auth.modules.auth.dummy.service.DummyIdentityService" /> 		
+		</beans>			
+																						
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index fb8c5c5df..c762cf51c 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -36,7 +36,9 @@
    		
    	<module>moa-id-module-sl20_authentication</module>
     <module>moa-id-module-AT_eIDAS_connector</module>
-    <module>moa-id-module-E-ID_connector</module>
+    <module>moa-id-module-E-ID_connector</module>    
+    <module>moa-id-module-dummyAuth</module>
+    
   </modules>
 	
 	<dependencies>
-- 
cgit v1.2.3


From dd90213ddbfeee68843fddaa7bf37624812ef217 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 7 Jun 2021 07:19:01 +0200
Subject: set 'needConsent' flag to false during dummy-authenticatio to
 over-roll SP configuration

---
 id/server/modules/moa-id-module-dummyAuth/pom.xml                   | 1 +
 .../modules/auth/dummy/task/InjectDummyIdentityInformationTask.java | 6 ++++++
 2 files changed, 7 insertions(+)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index 42b8ca775..b8f1163ad 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -9,6 +9,7 @@
 		<version>4.1.6-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
+  	<version>${moa-id-dummy-auth.version}</version>
 	<description>Module for dummy authentication in MOA-ID</description>
 
 	<dependencies>
diff --git a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
index 8fed1c544..5eb441bc9 100644
--- a/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
+++ b/id/server/modules/moa-id-module-dummyAuth/src/main/java/at/gv/egovernment/moa/id/auth/modules/auth/dummy/task/InjectDummyIdentityInformationTask.java
@@ -75,6 +75,12 @@ public class InjectDummyIdentityInformationTask extends AbstractAuthServletTask
       Logger.debug("Injecting user credentials for Dummy-Identity authentication ... ");
       parseDemoValuesIntoMOASession(pendingReq);
 
+      // set 'needConsent' to false, because user gives consent during authentication
+      pendingReq.setNeedUserConsent(false);
+      
+      // set 'authenticated' flag to true
+      pendingReq.setAuthenticated(true);
+      
       // store MOASession into database
       requestStoreage.storePendingRequest(pendingReq);
 
-- 
cgit v1.2.3


From 52a7359e6a819e6c92bab4234dd5fb509d0ed1f5 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 27 Jul 2021 13:43:33 +0200
Subject: delete files that not needed any more

---
 id/server/proxy/.gitignore | 2 --
 1 file changed, 2 deletions(-)
 delete mode 100644 id/server/proxy/.gitignore

(limited to 'id/server')

diff --git a/id/server/proxy/.gitignore b/id/server/proxy/.gitignore
deleted file mode 100644
index 4dc009173..000000000
--- a/id/server/proxy/.gitignore
+++ /dev/null
@@ -1,2 +0,0 @@
-/target
-/bin
-- 
cgit v1.2.3


From 1b7c56f30ff37596933a904b8ae931be18e9015b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 30 Aug 2021 10:37:37 +0200
Subject: throw RuntimeException in case of an error during initialization of
 transaction encryption-layer

---
 .../java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java   | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
index 498f8408b..d4a6ee786 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/SessionEncrytionUtil.java
@@ -32,14 +32,15 @@ public class SessionEncrytionUtil extends AbstractEncrytionUtil {
 	private static String key = null;
 	
 	public static SessionEncrytionUtil getInstance() {
-		if (instance == null) {
+		if (instance == null) {		  		  
 			try {
 				key = AuthConfigurationProviderFactory.getInstance().getMOASessionEncryptionKey();			
-				instance =  new SessionEncrytionUtil();
+				instance =  new SessionEncrytionUtil();	
 								
 			} catch (Exception e) {
 				Logger.warn("MOASession encryption can not be inizialized.", e);
-				
+				throw new RuntimeException("MOASession encryption can not be inizialized.", e);
+								
 			}					
 		}
 		return instance;
-- 
cgit v1.2.3


From ba6ba0af88d8c9472a63356ddf3d19f84847c2d7 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 28 Jul 2021 11:33:11 +0200
Subject: add new authentication module for EHVD communication

---
 id/server/auth-edu/pom.xml                         |   5 +
 .../modules/moa-id-module-ehvd_integration/pom.xml |  57 ++++++++
 .../auth/modules/ehvd/ConfigurationProperties.java |  48 +++++++
 .../auth/modules/ehvd/EhvdServiceAuthModule.java   | 147 ++++++++++++++++++++
 .../EhvdServiceAuthSpringResourceProvider.java     |  62 +++++++++
 .../ehvd/attributes/PvpRoleAttributeBuilder.java   |  58 ++++++++
 .../ehvd/service/EhvdCommunicationService.java     |  69 ++++++++++
 .../modules/ehvd/service/IEhvdCommunication.java   |  23 ++++
 .../ehvd/task/InjectEhvdInformationTask.java       | 103 ++++++++++++++
 .../DefaultAuth_with_ehvd_interaction.process.xml  |  32 +++++
 ...iz.components.spring.api.SpringResourceProvider |   1 +
 .../at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder |   1 +
 .../resources/moaid_ehvd_service_auth.beans.xml    |  23 ++++
 .../resources/properties/id_messages.properties    |   2 +
 .../protocol_response_statuscodes.properties       |   2 +
 .../auth/modules/ehvd/test/BeanCreationTest.java   |  39 ++++++
 .../ehvd/test/EhvdServiceAuthModuleTest.java       | 101 ++++++++++++++
 .../EhvdServiceAuthSpringResourceProviderTest.java |  56 ++++++++
 .../InjectEhvdIdentityInformationTaskTest.java     | 131 ++++++++++++++++++
 .../attributes/PvpRoleAttributeBuilderTest.java    | 124 +++++++++++++++++
 .../ehvd/test/dummy/DummyAuthConfigMap.java        | 136 +++++++++++++++++++
 .../id/auth/modules/ehvd/test/dummy/TestUtils.java | 150 +++++++++++++++++++++
 .../utils/AttributeBuilderRegistrationTest.java    |  41 ++++++
 .../test/utils/AuthenticationRoleFactoryTest.java  |  65 +++++++++
 .../ehvd/test/utils/MoaStatusMessagerTest.java     |  55 ++++++++
 .../src/test/resources/config/config1.properties   |   5 +
 .../src/test/resources/config/config2.properties   |   4 +
 .../resources/test_ehvd_service_auth.beans.xml     |  19 +++
 .../test_ehvd_service_auth_lazy.beans.xml          |  24 ++++
 .../test_ehvd_service_messager_auth.beans.xml      |  15 +++
 id/server/modules/pom.xml                          |   1 +
 31 files changed, 1599 insertions(+)
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/pom.xml
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 42e035c7a..6a8110a28 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -228,6 +228,11 @@
 		 	<artifactId>moa-id-module-EID_connector</artifactId>
 		</dependency>
 
+    <dependency>
+			<groupId>MOA.id.server.modules</groupId>
+    	<artifactId>moa-id-module-ehvd_integration</artifactId>
+    </dependency>    
+    
 <!-- 	
 		<dependency>
 			<groupId>org.apache.santuario</groupId>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
new file mode 100644
index 000000000..05b2d0daa
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -0,0 +1,57 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>MOA.id.server.modules</groupId>
+		<artifactId>moa-id-modules</artifactId>
+		<version>4.1.6-SNAPSHOT</version>
+	</parent>
+	<artifactId>moa-id-module-ehvd_integration</artifactId>
+	<version>${moa-id-ehvd_integration.version}</version>
+	<description>Module to integrate information from EHVD into MOA-ID response</description>
+
+	<dependencies>
+		<dependency>
+			<groupId>MOA.id.server.modules</groupId>
+			<artifactId>moa-id-modul-citizencard_authentication</artifactId>
+			<exclusions>
+				<exclusion>
+					<groupId>*</groupId>
+				</exclusion>
+			</exclusions>
+		</dependency>
+		
+		<dependency>
+			<groupId>MOA.id.server</groupId>
+			<artifactId>moa-id-lib</artifactId>
+			<scope>provided</scope>
+		</dependency>
+
+
+		<dependency>
+			<groupId>org.springframework</groupId>
+			<artifactId>spring-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>junit</groupId>
+			<artifactId>junit</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>at.gv.egiz.eaaf</groupId>
+			<artifactId>eaaf_core_utils</artifactId>
+			<scope>test</scope>
+			<type>test-jar</type>
+		</dependency>
+		<dependency>
+			<groupId>at.gv.egiz.eaaf</groupId>
+			<artifactId>eaaf-core</artifactId>
+			<scope>test</scope>
+			<type>test-jar</type>
+		</dependency>
+								
+	</dependencies>
+</project>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
new file mode 100644
index 000000000..fd7d1b013
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -0,0 +1,48 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import java.util.Collection;
+
+import com.google.common.collect.Sets;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+
+public class ConfigurationProperties {
+
+  // configuration properties
+  private static final String MODULE_PREFIX = "modules.ehvd.";
+  
+  public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
+  public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
+   
+  public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
+  
+  
+  public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH"; 
+  
+  private ConfigurationProperties() {
+    // hide constructor or static class
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
new file mode 100644
index 000000000..917c226a2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
@@ -0,0 +1,147 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.stream.Collectors;
+
+import javax.annotation.PostConstruct;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egovernment.moa.id.auth.modules.internal.DefaultCitizenCardAuthModuleImpl;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl {
+
+  private int priority = 2;
+
+  @Autowired(required = true)
+  protected IConfigurationWithSP authConfig;
+
+  private Collection<String> uniqueIDsEnabled;
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getPriority()
+   */
+  @Override
+  public int getPriority() {
+    return priority;
+
+  }
+
+  /**
+   * Sets the priority of this module. Default value is {@code 0}.
+   *
+   * @param priority The priority.
+   */
+  public void setPriority(int priority) {
+    this.priority = priority;
+
+  }
+
+  @PostConstruct
+  private void initialDummyAuthWhiteList() {
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      Logger.info("AuthModule for 'EHVD injection' is enabled");
+
+      // load allowed service-provider Id's
+      uniqueIDsEnabled = authConfig.getBasicConfigurationWithPrefix(
+          ConfigurationProperties.PROP_MODULE_SP_PREFIX).values().stream()
+          .filter(el -> StringUtils.isNotEmpty(el))
+          .collect(Collectors.toSet());
+
+      if (!uniqueIDsEnabled.isEmpty()) {
+        Logger.info("EHVD communication is enabled for ....");
+        uniqueIDsEnabled.forEach(el -> Logger.info("   EntityID: " + el));
+
+      }
+
+    } else {
+      uniqueIDsEnabled = Collections.emptySet();
+      Logger.info("AuthModule for 'EHVD injection' is disabled");
+
+    }
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#selectProcess(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext)
+   */
+  @Override
+  public String selectProcess(ExecutionContext context, IRequest pendingReq) {
+
+    if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
+      Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ....");      
+      boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq));
+      if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) {
+        Logger.debug("EHVD communication is allowed for SP: " + spEntityID);                  
+        return "DefaultAuthenticationWithEHVDInteraction";
+
+      } else {
+        if (Logger.isDebugEnabled()) {
+          if (ccAuthRequested) {
+            Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication.");
+          
+          } else {
+            Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too");
+          
+          }
+        }
+      }
+
+    } else {
+      Logger.trace("'EHVD injection' authentication is disabled");
+
+    }
+
+    return null;
+
+  }
+
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egovernment.moa.id.auth.modules.AuthModule#getProcessDefinitions()
+   */
+  @Override
+  public String[] getProcessDefinitions() {
+    return new String[] { "classpath:/DefaultAuth_with_ehvd_interaction.process.xml" };
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
new file mode 100644
index 000000000..ea0695a1a
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd;
+
+import org.springframework.core.io.ClassPathResource;
+import org.springframework.core.io.Resource;
+
+import at.gv.egiz.components.spring.api.SpringResourceProvider;
+
+/**
+ * @author tlenz
+ *
+ */
+public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider {
+
+	/* (non-Javadoc)
+	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+	 */
+	@Override
+	public Resource[] getResourcesToLoad() {
+		ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml", EhvdServiceAuthSpringResourceProvider.class);							
+		return new Resource[] {authConfig};
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+	 */
+	@Override
+	public String[] getPackagesToScan() {
+		// TODO Auto-generated method stub
+		return null;
+	}
+
+	/* (non-Javadoc)
+	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+	 */
+	@Override
+	public String getName() {
+		return "Module for 'Dummy Authentication'";
+	}
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
new file mode 100644
index 000000000..0f1c96aa8
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
@@ -0,0 +1,58 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import java.util.stream.Collectors;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.data.IMOAAuthData;
+import at.gv.egovernment.moa.logging.Logger;
+
+@PVPMETADATA
+public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder {
+
+  private static final String ROLE_NAME_DELIMITER = ";";
+  
+  @Override
+  public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
+      IAttributeGenerator<ATT> g) throws AttributeBuilderException {
+    if (authData instanceof IMOAAuthData) {
+      IMOAAuthData moaAuthData = (IMOAAuthData)authData;
+      if (moaAuthData.getAuthenticationRoles() != null 
+          && !moaAuthData.getAuthenticationRoles().isEmpty()) {
+        return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME,
+            moaAuthData.getAuthenticationRoles().stream()
+                .map(el -> el.getRawRoleString())
+                .collect(Collectors.joining(ROLE_NAME_DELIMITER)));
+        
+        
+      } else {
+        Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME);
+        
+      }
+            
+    } else {
+      Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context");
+      
+    }
+       
+    return null;
+    
+  }
+
+  @Override
+  public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+    return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME);
+    
+  }
+
+  @Override
+  public String getName() {
+    return ROLES_NAME;
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
new file mode 100644
index 000000000..f0e2069a1
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -0,0 +1,69 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import java.util.Collections;
+import java.util.List;
+
+import javax.annotation.Nonnull;
+import javax.annotation.PostConstruct;
+
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * Implement interaction with EHVD service to get GDA information.
+ * 
+ * @author tlenz
+ *
+ */
+public class EhvdCommunicationService implements IEhvdCommunication {
+
+  @Autowired IConfiguration config;
+  
+  private String ehvdBpkTarget;
+  
+  /**
+   * Get user's GDA roles from EHVD Service.
+   * 
+   * @param identityLink IdentityLink of the user
+   * @return {@link List} of Roles that are received from EHVD
+   * @throws AuthenticationException In case of an EHVD communication error
+   * @throws EAAFBuilderException  In case of a bPK generation error
+   */
+  @Override
+  @Nonnull
+  public List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException {
+  
+    // get bPK for EHVD request
+    Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier(
+        identityLink.getIdentificationValue(), 
+        identityLink.getIdentificationType(), 
+        ehvdBpkTarget);
+    
+    
+    //TODO: request EHVD and handle errors
+    
+    //TODO: parse roles from response
+    
+    
+    return Collections.emptyList();
+    
+  }
+
+  @PostConstruct
+  private void initialize() {
+    ehvdBpkTarget = config.getBasicConfiguration(
+        ConfigurationProperties.PROP_MODULE_SERVICE_TARGET, 
+        ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);    
+    Logger.info("Initialize EHVD Client with bPK target: " + ehvdBpkTarget);
+    
+  }
+     
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
new file mode 100644
index 000000000..8a9c7db5c
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
@@ -0,0 +1,23 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
+
+import java.util.List;
+
+import javax.annotation.Nonnull;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+
+public interface IEhvdCommunication {
+
+  /**
+   * Get user's GDA roles from EHVD Service.
+   * 
+   * @param identityLink IdentityLink of the user
+   * @return {@link List} of Roles that are received from EHVD
+   * @throws AuthenticationException In case of an EHVD communication error
+   * @throws EAAFBuilderException  In case of a bPK generation error
+   */
+  List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
+
+}
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
new file mode 100644
index 000000000..b44863b80
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
@@ -0,0 +1,103 @@
+/*
+ * Copyright 2021 Federal Chancellery Austria
+ * MOA-ID has been developed in a cooperation between BRZ, the Federal
+ * Chancellery Austria - ICT staff unit, and Graz University of Technology.
+ *
+ * Licensed under the EUPL, Version 1.1 or - as soon they will be approved by
+ * the European Commission - subsequent versions of the EUPL (the "Licence");
+ * You may not use this work except in compliance with the Licence.
+ * You may obtain a copy of the Licence at:
+ * http://www.osor.eu/eupl/
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the Licence is distributed on an "AS IS" basis,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the Licence for the specific language governing permissions and
+ * limitations under the Licence.
+ *
+ * This product combines work with different licenses. See the "NOTICE" text
+ * file for details on the various modules and licenses.
+ * The "NOTICE" text file is part of the distribution. Any derivative works
+ * that you distribute must include a readable copy of the "NOTICE" text file.
+ */
+package at.gv.egovernment.moa.id.auth.modules.ehvd.task;
+
+import java.util.List;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.data.Pair;
+import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication;
+import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+import at.gv.egovernment.moa.logging.Logger;
+
+/**
+ * @author tlenz
+ *
+ */
+@Component("InjectEhvdInformationTask")
+public class InjectEhvdInformationTask extends AbstractAuthServletTask {
+
+  @Autowired IEhvdCommunication ehvdService;
+  
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egovernment.moa.id.auth.modules.AbstractAuthServletTask#execute(at.gv.
+   * egovernment.moa.id.process.api.ExecutionContext,
+   * javax.servlet.http.HttpServletRequest,
+   * javax.servlet.http.HttpServletResponse)
+   */
+  @Override
+  public void execute(ExecutionContext executionContext, HttpServletRequest request,
+      HttpServletResponse response)
+      throws TaskExecutionException {
+    try {
+      final AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
+      
+      // validate internal state
+      validateInternalState(session);
+            
+      // requesting roles from EHVD
+      List<String> ehvdRoles = ehvdService.getRoles(session.getIdentityLink());
+            
+      // inject EHVD roles      
+      session.setGenericDataToSession(PVPConstants.ROLES_NAME, StringUtils.join(ehvdRoles, ";"));
+      
+      // store MOASession into database
+      requestStoreage.storePendingRequest(pendingReq);
+
+    } catch (final MOAIDException e) {
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    } catch (final Exception e) {
+      throw new TaskExecutionException(pendingReq, e.getMessage(), e);
+
+    }
+  }
+
+  private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException {
+    //check if identityLink is available
+    if (session.getIdentityLink() == null ) {
+      Logger.error("No IdentityLink in session. There is an internal error in process definition");
+      throw new AuthenticationException("process.04", null);
+      
+    }
+    
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
new file mode 100644
index 000000000..2ff0d552f
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/DefaultAuth_with_ehvd_interaction.process.xml
@@ -0,0 +1,32 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<pd:ProcessDefinition id="DefaultAuthenticationWithEHVDInteraction" xmlns:pd="http://reference.e-government.gv.at/namespace/moa/process/definition/v1">
+
+    <!-- Tasks involved in this authentication flow -->
+	<pd:Task id="initializeBKUAuthentication" class="InitializeBKUAuthenticationTask" />
+	<pd:Task id="createIdentityLinkForm"    class="CreateIdentityLinkFormTask" />
+	<pd:Task id="verifyIdentityLink"        class="VerifyIdentityLinkTask"        async="true" />		
+	<pd:Task id="prepareAuthBlockSignature" class="PrepareAuthBlockSignatureTask" />
+	<pd:Task id="verifyAuthBlock"           class="VerifyAuthenticationBlockTask" async="true" />
+		
+	<pd:Task id="injectEhvdInformation"		class="InjectEhvdInformationTask" />	
+	<pd:Task id="userRestrictionTask" 		class="UserRestrictionTask" />
+	
+	<pd:Task id="finalizeAuthentication" 	class="FinalizeAuthenticationTask" />	
+		
+		
+	<!-- definition of the authentication flow -->
+	<pd:StartEvent id="start" />
+	
+	<pd:Transition from="start"                		  to="initializeBKUAuthentication" />	
+	<pd:Transition from="initializeBKUAuthentication" to="createIdentityLinkForm" />	
+	<pd:Transition from="createIdentityLinkForm"      to="verifyIdentityLink" />	
+	<pd:Transition from="verifyIdentityLink"          to="prepareAuthBlockSignature" />			
+	<pd:Transition from="prepareAuthBlockSignature"   to="verifyAuthBlock" />	
+	<pd:Transition from="verifyAuthBlock"             to="userRestrictionTask" />				
+	<pd:Transition from="userRestrictionTask"         to="injectEhvdInformation" />	
+	<pd:Transition from="injectEhvdInformation"       to="finalizeAuthentication" />	
+	<pd:Transition from="finalizeAuthentication"      to="end" />		
+	
+	<pd:EndEvent id="end" />
+
+</pd:ProcessDefinition>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
new file mode 100644
index 000000000..6985f2b7d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
new file mode 100644
index 000000000..4dd043048
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -0,0 +1 @@
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..4ef523ec8
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/moaid_ehvd_service_auth.beans.xml
@@ -0,0 +1,23 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+		<property name="priority" value="4" />
+	</bean>
+ 					 		
+	<bean id="ehvdCommunicationService"
+		  class="at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService"/> 					 			
+ 					 						
+	<bean id="InjectEhvdInformationTask" 
+		  class="at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask"
+		  scope="prototype"/>
+																						
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
new file mode 100644
index 000000000..89fd19362
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -0,0 +1,2 @@
+ehvd.00=GDA Status inaktiv
+ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
new file mode 100644
index 000000000..fca8fa8cd
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -0,0 +1,2 @@
+test.01=aabbccdd
+test.02=zzzyyyxxx
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
new file mode 100644
index 000000000..91bf67b2d
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/BeanCreationTest.java
@@ -0,0 +1,39 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertNotNull;
+
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.ApplicationContext;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth_lazy.beans.xml" })
+public class BeanCreationTest {
+
+  @Autowired
+  DummyAuthConfigMap config;
+  @Autowired
+  ApplicationContext context;
+
+  @Before
+  public void initialize() {
+    // re-set config
+    config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+
+  }
+
+  @Test
+  public void authModuleDeactivated() {
+    assertNotNull("AuthModule", context.getBean(EhvdServiceAuthModule.class));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
new file mode 100644
index 000000000..4a7c98803
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthModuleTest.java
@@ -0,0 +1,101 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.commons.MOAIDAuthConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdServiceAuthModuleTest {
+
+  @Autowired DummyAuthConfigMap config;
+  @Autowired EhvdServiceAuthModule module;
+  
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+  
+  @Before
+  public void initialize() {
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+    
+    ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setSpConfig(spConfig);
+        
+    // re-set config
+    config.putConfigValue("modules.ehvd.enabled", String.valueOf(true));
+        
+    context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(false));
+    context.put(MOAIDAuthConstants.PARAM_BKU, RandomStringUtils.randomAlphabetic(5));
+    
+  }
+  
+  @Test
+  public void checkProcessDefinition() {    
+    String[] def = module.getProcessDefinitions();
+    
+    assertNotNull("no process definition", def);    
+    Arrays.asList(def).stream().forEach(
+        el -> EhvdServiceAuthModuleTest.class.getResourceAsStream(el));
+    
+  }
+  
+  @Test
+  public void bkuSelectionActiv() {
+    context.put(MOAIDAuthConstants.PROCESSCONTEXT_PERFORM_BKUSELECTION, String.valueOf(true));
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void deactivated() {
+    config.putConfigValue("modules.ehvd.enabled", String.valueOf(false));
+    
+    assertNull("wrong authModule selected", module.selectProcess(context, pendingReq));
+    
+  }
+  
+  @Test
+  public void unknownServiceProvider() {    
+    assertNull("wrong authModule selected",  module.selectProcess(context, pendingReq));
+    
+  }
+        
+  @Test
+  public void allowedServiceProviderAndRequested() {    
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, "yyasdfasfsa2323");    
+    
+    assertEquals("wrong authmethod identifier", "DefaultAuthenticationWithEHVDInteraction", 
+        module.selectProcess(context, pendingReq));
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
new file mode 100644
index 000000000..b584e8753
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/EhvdServiceAuthSpringResourceProviderTest.java
@@ -0,0 +1,56 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import org.apache.commons.io.IOUtils;
+import org.junit.Assert;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.core.io.Resource;
+
+import at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthSpringResourceProvider;
+
+
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class EhvdServiceAuthSpringResourceProviderTest {
+
+  @Test
+  public void testSpringConfig() {
+    final EhvdServiceAuthSpringResourceProvider test =
+        new EhvdServiceAuthSpringResourceProvider();
+    for (final Resource el : test.getResourcesToLoad()) {
+      try {
+        IOUtils.toByteArray(el.getInputStream());
+
+      } catch (final IOException e) {
+        Assert.fail("Ressouce: " + el.getFilename() + " not found");
+      }
+
+    }
+
+    Assert.assertNotNull("no Name", test.getName());
+    Assert.assertNull("Find package definitions", test.getPackagesToScan());
+
+  }
+
+  @Test
+  public void testSpILoaderConfig() {
+    final InputStream el = this.getClass().getResourceAsStream(
+        "/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider");
+    try {
+      final String spiFile = IOUtils.toString(el, "UTF-8");
+
+      Assert.assertEquals("Wrong classpath in SPI file",
+          EhvdServiceAuthSpringResourceProvider.class.getName(), spiFile);
+
+
+    } catch (final IOException e) {
+      Assert.fail("Ressouce: '/META-INF/services/at.gv.egiz.components.spring.api.SpringResourceProvider' not found");
+
+    }
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
new file mode 100644
index 000000000..45f7a8fc4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
@@ -0,0 +1,131 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+
+import java.io.IOException;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.xml.transform.TransformerException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Ignore;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class InjectEhvdIdentityInformationTaskTest {
+
+  @Autowired InjectEhvdInformationTask task;
+  @Autowired DummyAuthConfigMap config;
+  @Autowired IRequestStorage storage;
+  
+  protected MockHttpServletRequest httpReq;
+  protected MockHttpServletResponse httpResp;
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+  
+  @Before
+  public void initialize() throws EAAFParserException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+    
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+    
+    ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);    
+    pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(spConfig);
+        
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+    
+    //inject identityLink
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);    
+    moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+        RandomStringUtils.randomAlphanumeric(10), 
+        EAAFConstants.URN_PREFIX_BASEID));
+    
+  }
+
+  @Test
+  public void noIdentityLinkInSession() {
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(null);
+    
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+      
+    } catch (TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");     
+      assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId());
+      
+    }        
+  }
+  
+    
+  @Test
+  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+    
+    task.execute(pendingReq, context);
+    
+    // validate state
+    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+    
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());    
+    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());
+            
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
new file mode 100644
index 000000000..df02c6f4e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
@@ -0,0 +1,124 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder;
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class PvpRoleAttributeBuilderTest {
+
+  @Autowired
+  private IConfiguration basicConfig;
+  
+  private PvpRoleAttributeBuilder toTest = new PvpRoleAttributeBuilder();
+  private IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();
+  private ISPConfiguration oaParam;
+
+   
+  @Before
+  public void initialize() {
+    oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);
+    
+  }
+  
+  @Test
+  public void checkName() {    
+    assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    assertNull("wrong empty attr.", toTest.buildEmpty(g));
+    
+  }
+  
+  @Test
+  public void wrongAuthData() throws AttributeBuilderException {            
+    IAuthData authData = new AuthenticationData();       
+    assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+    
+  }
+  
+  public void noRoles() throws AttributeBuilderException {            
+    IAuthData authData = generateAuthData(null);       
+    assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void emptyRoles() throws AttributeBuilderException {            
+    IAuthData authData = generateAuthData(Collections.emptyList());       
+    assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
+    
+  }
+
+  @Test
+  public void randomRoles() throws AttributeBuilderException {            
+    String role1 = RandomStringUtils.randomAlphabetic(5);
+    String role2 = RandomStringUtils.randomAlphabetic(5);
+    String role3 = RandomStringUtils.randomAlphabetic(5);
+    String role4 = RandomStringUtils.randomAlphabetic(5);
+    
+    IAuthData authData = generateAuthData(Arrays.asList(
+        new AuthenticationRole(role1, role1), 
+        new AuthenticationRole(role2, role2),
+        new AuthenticationRole(role3, role3 + "()"),
+        new AuthenticationRole(role4, role4 + "(\"aaa\"=\"bbb\")")
+        ));       
+    
+    // perform test
+    String attrValue = toTest.build(oaParam, authData, g);
+    
+    // validate state
+    assertNotNull("wrong attr. value", attrValue);
+    
+    String[] el = attrValue.split(";");
+    assertEquals("wrong role count", 4, el.length);
+    assertEquals("wrong 1. role", role1, el[0]);
+    assertEquals("wrong 2. role", role2, el[1]);
+    assertEquals("wrong 3. role", role3 + "()", el[2]);
+    assertEquals("wrong 4. role", role4 + "(\"aaa\"=\"bbb\")", el[3]);
+    
+    
+  }
+  
+  private IAuthData generateAuthData(List<AuthenticationRole> roles) {
+    MOAAuthenticationData authData = new MOAAuthenticationData(null);
+    if (roles != null) {
+      roles.forEach(el -> authData.addAuthenticationRole(el));
+      
+    }
+    
+    return authData;
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
new file mode 100644
index 000000000..865cf7157
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/DummyAuthConfigMap.java
@@ -0,0 +1,136 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URI;
+import java.net.URL;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Properties;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IConfigurationWithSP;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
+
+/**
+ * Dummy Application-configuration implementation for jUnit tests.
+ *
+ * @author tlenz
+ *
+ */
+public class DummyAuthConfigMap implements IConfigurationWithSP {
+
+  private Map<String, String> config = new HashMap<>();
+  
+  public DummyAuthConfigMap() {
+    
+  }
+  
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param configIs Property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final InputStream configIs) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(configIs);
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+  /**
+   * Dummy Application-configuration.
+   *
+   * @param path Path to property based configuration
+   * @throws IOException In case of an configuration read error
+   */
+  public DummyAuthConfigMap(final String path) throws IOException {
+
+    final Properties props = new Properties();
+    props.load(this.getClass().getResourceAsStream(path));
+
+    config = KeyValueUtils.convertPropertiesToMap(props);
+
+  }
+
+
+  @Override
+  public String getBasicConfiguration(final String key) {
+    return config.get(key);
+
+  }
+
+  @Override
+  public String getBasicConfiguration(final String key, final String defaultValue) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return defaultValue;
+    } else {
+      return value;
+    }
+
+  }
+
+  @Override
+  public Boolean getBasicConfigurationBoolean(final String key) {
+    final String value = getBasicConfiguration(key);
+    if (StringUtils.isEmpty(value)) {
+      return false;
+    } else {
+      return Boolean.valueOf(value);
+    }
+  }
+
+  @Override
+  public boolean getBasicConfigurationBoolean(final String key, final boolean defaultValue) {
+    return Boolean.parseBoolean(getBasicConfiguration(key, String.valueOf(defaultValue)));
+
+  }
+
+  @Override
+  public Map<String, String> getBasicConfigurationWithPrefix(final String prefix) {
+    return KeyValueUtils.getSubSetWithPrefix(config, prefix);
+
+  }
+
+  @Override
+  public ISPConfiguration getServiceProviderConfiguration(final String uniqueID)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public <T> T getServiceProviderConfiguration(final String spIdentifier, final Class<T> decorator)
+      throws EAAFConfigurationException {
+    return null;
+  }
+
+  @Override
+  public URI getConfigurationRootDirectory() {
+    return new java.io.File(".").toURI();
+
+  }
+
+  @Override
+  public String validateIDPURL(final URL authReqUrl) throws EAAFException {
+    return null;
+  }
+
+  public void putConfigValue(final String key, final String value) {
+    config.put(key, value);
+  }
+
+  public void removeConfigValue(final String key) {
+    config.remove(key);
+
+  }
+
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
new file mode 100644
index 000000000..9ab52a27e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/dummy/TestUtils.java
@@ -0,0 +1,150 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy;
+
+import java.io.IOException;
+import java.security.PublicKey;
+
+import javax.xml.transform.TransformerException;
+
+import org.w3c.dom.Element;
+
+import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
+
+public class TestUtils {
+
+  public static IIdentityLink generateDummyIdl(String baseId, String baseIdType) {
+    return new IIdentityLink() {
+      
+      @Override
+      public void setSamlAssertion(Element samlAssertion) throws TransformerException, IOException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setPublicKey(PublicKey[] publicKey) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setPrPerson(Element prPerson) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIssueInstant(String issueInstant) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdentificationValue(String identificationValue) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdentificationType(String identificationType) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setGivenName(String givenName) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFamilyName(String familyName) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setDsigReferenceTransforms(Element[] dsigReferenceTransforms) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setDateOfBirth(String dateOfBirth) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public String getSerializedSamlAssertion() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Element getSamlAssertion() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public PublicKey[] getPublicKey() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Element getPrPerson() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getIssueInstant() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getIdentificationValue() {
+        return baseId;
+        
+      }
+      
+      @Override
+      public String getIdentificationType() {
+        return baseIdType;
+        
+      }
+      
+      @Override
+      public String getGivenName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFamilyName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Element[] getDsigReferenceTransforms() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getDateOfBirth() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+    };
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
new file mode 100644
index 000000000..5ff8ffba7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AttributeBuilderRegistrationTest.java
@@ -0,0 +1,41 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertTrue;
+
+import java.util.List;
+
+import org.junit.Assert;
+import org.junit.BeforeClass;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+import org.opensaml.saml2.core.Attribute;
+import org.opensaml.xml.ConfigurationException;
+
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egiz.eaaf.modules.pvp2.impl.opensaml.initialize.EAAFDefaultSAML2Bootstrap;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AttributeBuilderRegistrationTest {
+
+  @BeforeClass
+  public static void classInitializer() throws ConfigurationException {
+    EAAFDefaultSAML2Bootstrap.bootstrap();
+    
+  }
+  
+  @Test
+  public void checkRegistratedAttributeBuilder() {
+    
+    List<Attribute> supportedAttributes = PVPAttributeBuilder.buildSupportedEmptyAttributes();
+    
+    assertFalse("Registered Attribute-Builder is empty", supportedAttributes.isEmpty());
+    assertTrue("No role attribute registrated", supportedAttributes.stream()
+        .filter(el -> PVPAttributeDefinitions.ROLES_NAME.equals(el.getName()))
+        .findFirst()
+        .isPresent());
+        
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
new file mode 100644
index 000000000..6d39b926e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/AuthenticationRoleFactoryTest.java
@@ -0,0 +1,65 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.junit.runners.BlockJUnit4ClassRunner;
+
+import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
+
+@RunWith(BlockJUnit4ClassRunner.class)
+public class AuthenticationRoleFactoryTest {
+
+  @Test
+  public void simpleRole() {    
+    String role = RandomStringUtils.randomAlphabetic(5);
+    
+    AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(role);
+    
+    assertEquals("wrong role name", role, toCheck.getRoleName());
+    assertEquals("wrong raw role", role, toCheck.getRawRoleString());
+    assertNull("wrong role attr", toCheck.getParams());
+       
+  }
+  
+  @Test
+  public void complexeRoleEmptyParams() {    
+    String role = RandomStringUtils.randomAlphabetic(5);
+    String fullRole = role + "()";
+    
+    AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+    
+    assertEquals("wrong role name", role, toCheck.getRoleName());
+    assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+    assertNull("wrong role attr", toCheck.getParams());
+       
+  }
+  
+  @Test
+  public void complexeRoleWithParams() {
+    String p1 = RandomStringUtils.randomAlphabetic(5);
+    String v1 = RandomStringUtils.randomAlphabetic(5);
+    String p2 = RandomStringUtils.randomAlphabetic(5);
+    String v2 = RandomStringUtils.randomAlphabetic(5);
+    
+    String role = RandomStringUtils.randomAlphabetic(5);
+    String fullRole = role + "(\"" 
+        + p1 + "\"=\"" + v1 + "\"," 
+        + p2 + "\"=\"" + v2 + "\""
+        +")";
+    
+    AuthenticationRole toCheck = AuthenticationRoleFactory.buildFormPVPole(fullRole);
+    
+    assertEquals("wrong role name", role, toCheck.getRoleName());
+    assertEquals("wrong raw role", fullRole, toCheck.getRawRoleString());
+    assertNotNull("wrong role attr", toCheck.getParams());
+    assertEquals("wrong param size", 2, toCheck.getParams().size());
+           
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
new file mode 100644
index 000000000..399980dbf
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
@@ -0,0 +1,55 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.utils;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.IStatusMessenger;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({"/test_ehvd_service_messager_auth.beans.xml"})
+public class MoaStatusMessagerTest {
+
+  @Autowired IStatusMessenger messager;
+  
+  
+  @Test
+  public void checkErrorCodeMapper() {        
+    assertEquals("default errorcode", "9199", 
+        messager.getResponseErrorCode(new NullPointerException()));
+
+    
+    assertEquals("new errorCode file", "aabbccdd", 
+        messager.mapInternalErrorToExternalError("test.01"));    
+    assertEquals("new errorCode file", "zzzyyyxxx", 
+        messager.mapInternalErrorToExternalError("test.02"));
+        
+    assertEquals("existing errorCode file", "4401", 
+        messager.mapInternalErrorToExternalError("auth.34"));
+    assertEquals("existing errorCode file", "1101", 
+        messager.mapInternalErrorToExternalError("parser.07"));
+          
+  }
+  
+  @Test
+  public void checkErrorMessages() {
+    assertEquals("new error msg", 
+        "GDA Status inaktiv", messager.getMessage("ehvd.00", null));
+    assertEquals("new error msg", 
+        "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null));
+    
+    
+    assertEquals("existing error msg", 
+        "Zertifikat konnte nicht ausgelesen werden.", messager.getMessage("auth.14", null));
+    assertEquals("existing error msg", 
+        "\"Issuer\" im AUTH-Block nicht vorhanden.", messager.getMessage("validator.32", null));
+    
+  }
+  
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
new file mode 100644
index 000000000..bc71dc6ab
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -0,0 +1,5 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
new file mode 100644
index 000000000..4e666c204
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config2.properties
@@ -0,0 +1,4 @@
+modules.ehvd.enabled=false
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=435344534egewgegf
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
new file mode 100644
index 000000000..b499ad395
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+	<import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config1.properties" />
+	</bean>
+ 																												
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
new file mode 100644
index 000000000..7116034b7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_auth_lazy.beans.xml
@@ -0,0 +1,24 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config2.properties" />
+	</bean>
+ 		
+	<beans default-lazy-init="true">
+		<bean id="ehvdServiceAuthModule" class="at.gv.egovernment.moa.id.auth.modules.ehvd.EhvdServiceAuthModule">
+			<property name="priority" value="4" />
+		</bean>
+ 					 		
+    </beans>																								
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
new file mode 100644
index 000000000..5d8e03fb5
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_service_messager_auth.beans.xml
@@ -0,0 +1,15 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<bean id="testMsgProvider" 
+		  class="at.gv.egovernment.moa.id.commons.utils.MOAIDMessageProvider"/>
+ 																												
+</beans>
\ No newline at end of file
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index c762cf51c..a5cf8bfa0 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -38,6 +38,7 @@
     <module>moa-id-module-AT_eIDAS_connector</module>
     <module>moa-id-module-E-ID_connector</module>    
     <module>moa-id-module-dummyAuth</module>
+    <module>moa-id-module-ehvd_integration</module>
     
   </modules>
 	
-- 
cgit v1.2.3


From 56af7bee462d70f08d0442254c632f39e50ec96f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 29 Jul 2021 09:03:47 +0200
Subject: add EHVD WSDL and implement SOAP client

---
 .../modules/moa-id-module-ehvd_integration/pom.xml |  68 +-
 .../auth/modules/ehvd/ConfigurationProperties.java |  19 +-
 .../auth/modules/ehvd/exception/EhvdException.java |  19 +
 .../ehvd/service/EhvdCommunicationService.java     | 194 ++++-
 .../resources/properties/id_messages.properties    |   5 +-
 .../protocol_response_statuscodes.properties       |   7 +-
 .../src/main/resources/wsdl/eHVD.wsdl              | 220 +++++
 .../InjectEhvdIdentityInformationTaskTest.java     | 131 ---
 .../InjectEhvdIdentityInformationQsSystemTest.java | 141 +++
 .../InjectEhvdIdentityInformationTaskTest.java     | 961 +++++++++++++++++++++
 .../ehvd/test/utils/MoaStatusMessagerTest.java     |   2 +-
 .../skjolber/mockito/soap/Soap12EndpointRule.java  | 195 +++++
 .../src/test/resources/config/config1.properties   |   3 +
 .../resources/config/config_qs_service.properties  |   8 +
 .../resources/test_ehvd_qs_service_auth.beans.xml  |  19 +
 15 files changed, 1820 insertions(+), 172 deletions(-)
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
 delete mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 05b2d0daa..6f9463710 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -22,13 +22,20 @@
 				</exclusion>
 			</exclusions>
 		</dependency>
-		
+
 		<dependency>
 			<groupId>MOA.id.server</groupId>
 			<artifactId>moa-id-lib</artifactId>
 			<scope>provided</scope>
 		</dependency>
 
+		<dependency>
+			<groupId>javax.servlet</groupId>
+    		<artifactId>javax.servlet-api</artifactId>
+    		<version>3.1.0</version>
+			<scope>provided</scope>
+		</dependency>
+
 
 		<dependency>
 			<groupId>org.springframework</groupId>
@@ -52,6 +59,63 @@
 			<scope>test</scope>
 			<type>test-jar</type>
 		</dependency>
-								
+    	<dependency>
+      		<groupId>com.github.skjolber</groupId>
+      		<artifactId>mockito-soap-cxf</artifactId>
+      		<version>1.2.0</version>
+      		<scope>test</scope>
+    	</dependency>
+
 	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.apache.cxf</groupId>
+				<artifactId>cxf-codegen-plugin</artifactId>
+				<version>3.4.1</version>
+				<dependencies>
+					<dependency>
+						<groupId>xerces</groupId>
+						<artifactId>xercesImpl</artifactId>
+						<version>2.8.1</version>
+					</dependency>
+					<dependency>
+						<groupId>com.sun.xml.bind</groupId>
+						<artifactId>jaxb-impl</artifactId>
+						<version>2.2.5</version>
+					</dependency>
+					<dependency>
+						<groupId>com.sun.xml.bind</groupId>
+						<artifactId>jaxb-xjc</artifactId>
+						<version>2.2.5</version>
+					</dependency>
+				</dependencies>
+				<executions>
+					<execution>
+						<id>generate-sources</id>
+						<phase>generate-sources</phase>
+						<configuration>
+							<sourceRoot>${project.build.directory}/generated/cxf</sourceRoot>
+							<wsdlOptions>
+								<wsdlOption>
+									<wsdl>${basedir}/src/main/resources/wsdl/eHVD.wsdl</wsdl>
+									<packagenames>
+										<packagename>eHVD=at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl</packagename>
+									</packagenames>
+									<extraargs>
+										<extraarg>-verbose </extraarg>
+									</extraargs>
+								</wsdlOption>
+							</wsdlOptions>
+						</configuration>
+						<goals>
+							<goal>wsdl2java</goal>
+						</goals>
+					</execution>
+				</executions>
+			</plugin>
+		</plugins>
+	</build>
+
 </project>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
index fd7d1b013..07d65f2f5 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -22,26 +22,23 @@
  */
 package at.gv.egovernment.moa.id.auth.modules.ehvd;
 
-import java.util.Collection;
-
-import com.google.common.collect.Sets;
-
 import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
-import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
 
 public class ConfigurationProperties {
 
   // configuration properties
   private static final String MODULE_PREFIX = "modules.ehvd.";
-  
+
   public static final String PROP_MODULE_ENABLED = MODULE_PREFIX + "enabled";
   public static final String PROP_MODULE_SP_PREFIX = MODULE_PREFIX + "sp";
-   
+
   public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
-  
-  
-  public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH"; 
-  
+  public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url";
+
+  public static final String PROP_MODULE_PROXY_SOCKS_PORT = MODULE_PREFIX + "proxy.socks.port";
+
+  public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH";
+
   private ConfigurationProperties() {
     // hide constructor or static class
   }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
new file mode 100644
index 000000000..daab154bc
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
@@ -0,0 +1,19 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.exception;
+
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+
+public class EhvdException extends AuthenticationException{
+
+  private static final long serialVersionUID = 380654627005502948L;
+
+  public EhvdException(String messageId, Object[] parameters) {
+    super(messageId, parameters);
+
+  }
+
+  public EhvdException(String messageId, Object[] parameters, Throwable e) {
+    super(messageId, parameters, e);
+
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index f0e2069a1..ab4a70751 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -1,69 +1,213 @@
 package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
 
+import java.net.URL;
+import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
+import java.util.Map;
 
 import javax.annotation.Nonnull;
 import javax.annotation.PostConstruct;
+import javax.xml.ws.BindingProvider;
+import javax.xml.ws.handler.Handler;
+import javax.xml.ws.soap.SOAPFaultException;
 
+import org.apache.commons.lang3.StringUtils;
+import org.apache.cxf.endpoint.Client;
+import org.apache.cxf.frontend.ClientProxy;
+import org.apache.cxf.transport.http.HTTPConduit;
+import org.apache.cxf.transports.http.configuration.ProxyServerType;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVDService;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GetGdaDescriptors;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.exception.EhvdException;
 import at.gv.egovernment.moa.logging.Logger;
+import at.gv.util.LoggingHandler;
 
 /**
  * Implement interaction with EHVD service to get GDA information.
- * 
+ *
  * @author tlenz
  *
  */
 public class EhvdCommunicationService implements IEhvdCommunication {
 
-  @Autowired IConfiguration config;
-  
+  private static final String GDA_RESP_STATUS_ACTIVE = "Aktiv";
+
+  private static final String ERROR_EHVD_00 = "ehvd.00";
+  private static final String ERROR_EHVD_01 = "ehvd.01";
+  private static final String ERROR_EHVD_02 = "ehvd.02";
+  private static final String ERROR_CONFIG_05 = "config.05";
+
+  @Autowired
+  IConfiguration config;
+
   private String ehvdBpkTarget;
-  
+
+  private EHVD ehvdClient;
+
   /**
    * Get user's GDA roles from EHVD Service.
-   * 
+   *
    * @param identityLink IdentityLink of the user
    * @return {@link List} of Roles that are received from EHVD
    * @throws AuthenticationException In case of an EHVD communication error
-   * @throws EAAFBuilderException  In case of a bPK generation error
+   * @throws EAAFBuilderException    In case of a bPK generation error
    */
   @Override
   @Nonnull
-  public List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException {
-  
+  public List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException,
+      EAAFBuilderException {
+
     // get bPK for EHVD request
-    Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier(
-        identityLink.getIdentificationValue(), 
-        identityLink.getIdentificationType(), 
+    final Pair<String, String> ehvdBpk = BPKBuilder.generateAreaSpecificPersonIdentifier(
+        identityLink.getIdentificationValue(),
+        identityLink.getIdentificationType(),
         ehvdBpkTarget);
-    
-    
-    //TODO: request EHVD and handle errors
-    
-    //TODO: parse roles from response
-    
-    
+
+    // request EHVD and handle errors
+    final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst());
+
+    // parse roles from response
+    return parseGdaResponse(gdaResp);
+
+  }
+
+  @Nonnull
+  private GdaIndexResponse requestingGda(String bpk) throws EhvdException {
+    try {
+      final GetGdaDescriptors gdaReq = buildGdaRequest(bpk);
+      Logger.debug("Requesting EHVD to get GDA status ... ");
+      final GdaIndexResponse gdaResp = ehvdClient.getGDA(gdaReq);
+      Logger.debug("Receive GDA status. Starting response validation ... ");
+      return gdaResp;
+
+    } catch  (final SOAPFaultException e) {
+      // extract reason for this error 
+      String errorMsg = e.getFault() != null 
+          ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() : e.getMessage() 
+          : e.getMessage();
+      
+      Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);      
+      throw new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg}, e);
+      
+    } catch (final Exception e) {
+      Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e);
+      throw new EhvdException(ERROR_EHVD_01, new Object[] {}, e);
+
+    }
+
+  }
+
+  private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException {
+    if (ehvdResp.getGda() != null) {
+      final GdaDescriptor gdaInfo = ehvdResp.getGda();
+      if (GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus())) {
+        Logger.debug("Find #" + gdaInfo.getRoles().getRole().size() + " roles");
+        return gdaInfo.getRoles().getRole();
+
+      } else {
+        Logger.info("GDA is marked as 'inactive'. Stopping process with an error ... ");
+        throw new EhvdException(ERROR_EHVD_00, null);
+
+      }
+
+    } else {
+      Logger.debug("Receive empty GDA response");
+      // TODO: what we to in case of empty response?
+
+    }
+
     return Collections.emptyList();
-    
+
+  }
+
+  private GetGdaDescriptors buildGdaRequest(String bPK) {
+    final GetGdaDescriptors req = new GetGdaDescriptors();
+    final InstanceIdentifier gdaIdentifier = new InstanceIdentifier();
+    gdaIdentifier.setOidIssuingAuthority(PVPAttributeDefinitions.BPK_OID);
+    gdaIdentifier.setId(bPK);
+    req.setHcIdentifier(gdaIdentifier);
+    return req;
+
   }
 
   @PostConstruct
-  private void initialize() {
-    ehvdBpkTarget = config.getBasicConfiguration(
-        ConfigurationProperties.PROP_MODULE_SERVICE_TARGET, 
-        ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);    
-    Logger.info("Initialize EHVD Client with bPK target: " + ehvdBpkTarget);
+  private void initialize() throws EAAFConfigurationException {
+    if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
+      initializeEhvdClient();
+
+      ehvdBpkTarget = config.getBasicConfiguration(
+          ConfigurationProperties.PROP_MODULE_SERVICE_TARGET,
+          ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);
+      Logger.info("Set-up EHVD Client with bPK target: " + ehvdBpkTarget);
+
+    } else {
+      Logger.info("Skipping EHVD client because it's not active");
+
+    }
+  }
+
+  private void initializeEhvdClient() throws EAAFConfigurationException {
+    Logger.debug("Initializing EHVD client ... ");
+    final URL url = EhvdCommunicationService.class.getResource("/wsdl/eHVD.wsdl");
+    final EHVDService service = new EHVDService(url);
+    ehvdClient = service.getEHVDPort12();
+
+    // load service end-point URL from configuration
+    final String ehvdEndpointUrl = config.getBasicConfiguration(
+        ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT);
+    if (StringUtils.isEmpty(ehvdEndpointUrl)) {
+      Logger.error("Missing configuration for EHVD WebService endpoint. "
+          + "(Property: " + ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT + ")");
+      throw new EAAFConfigurationException(ERROR_CONFIG_05,
+          new Object[] { ConfigurationProperties.PROP_MODULE_SERVICE_ENDPOINT });
+
+    }
+
+    // inject service end-point URL
+    final Map<String, Object> requestContext = ((BindingProvider) ehvdClient).getRequestContext();
+    requestContext.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, ehvdEndpointUrl);
+
+    // inject Logging handler
+    List<Handler> handlerList = ((BindingProvider) ehvdClient).getBinding().getHandlerChain();
+    if (handlerList == null) {
+      handlerList = new ArrayList<>();
+
+    }
+
+    handlerList.add(new LoggingHandler());
+    ((BindingProvider) ehvdClient).getBinding().setHandlerChain(handlerList);
+
+    Logger.info("Initialize EHVD Client with service end-point: " + ehvdEndpointUrl);
+
+
+    // these code is only for local testing
+    String socksPort = config.getBasicConfiguration(ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT);
+    if (StringUtils.isNotEmpty(socksPort)) {
+      Logger.warn("Injecting SOCKS5 Proxy for service communication!");
+      final Client client = ClientProxy.getClient(ehvdClient);
+      final HTTPConduit http = (HTTPConduit) client.getConduit();
+      http.getClient().setProxyServerType(ProxyServerType.SOCKS);
+      http.getClient().setProxyServer("127.0.0.1");
+      http.getClient().setProxyServerPort(Integer.valueOf(socksPort));
+      
+    }
     
   }
-     
+
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
index 89fd19362..104342a9d 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -1,2 +1,5 @@
-ehvd.00=GDA Status inaktiv
+ehvd.00=Für den abgefragtem GDA liegt keine Berechtigung vor
+ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+
 ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
index fca8fa8cd..400994330 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -1,2 +1,7 @@
 test.01=aabbccdd
-test.02=zzzyyyxxx
\ No newline at end of file
+test.02=zzzyyyxxx
+
+ehvd.00=7000
+ehvd.01=7001
+ehvd.02=7001
+ehvd.99=7099
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
new file mode 100644
index 000000000..a1138f068
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/wsdl/eHVD.wsdl
@@ -0,0 +1,220 @@
+<?xml version="1.0" encoding="UTF-8"?><wsdl:definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:tns="eHVD" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:mime="http://www.w3.org/2003/01/wsdl/mime" targetNamespace="eHVD">
+
+	<wsdl:documentation>
+		Service: eHVD
+		Version: 2
+		Owner: BRZ
+	</wsdl:documentation>
+
+	<wsdl:types>
+		<xs:schema xmlns:ehvd="eHVD" xmlns:jaxb="http://java.sun.com/xml/ns/jaxb" xmlns:xjc="http://java.sun.com/xml/ns/jaxb/xjc" xmlns:xs="http://www.w3.org/2001/XMLSchema" jaxb:extensionBindingPrefixes="xjc" jaxb:version="2.0" elementFormDefault="qualified" targetNamespace="eHVD" version="1.0">
+			<xs:annotation>
+				<xs:appinfo>
+					<jaxb:globalBindings>
+						<jaxb:serializable uid="1"/>
+					</jaxb:globalBindings>
+				</xs:appinfo>
+			</xs:annotation>
+
+			<xs:complexType name="InstanceIdentifier">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="oidIssuingAuthority" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="id" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="InstanceIdentifierSearch">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="rolecode" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="postcode" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="maxResults" type="xs:integer"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="ehvdstatus" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="elgastatus" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="description" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDAStatus">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="1" name="ehvdstatus" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="elgastatus" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDARoles">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="role" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="elgaRole" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="specialisation" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GdaAddress">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetNumber" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="streetName" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="city" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="state" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="zip" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="country" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDARelationship">
+				<xs:sequence>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="memberof" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="ownerof" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GDADBTimestamps">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="0" name="add" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="modify" type="xs:string"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:complexType name="GdaDescriptor">
+				<xs:sequence>
+					<xs:element maxOccurs="1" minOccurs="1" name="id" type="ehvd:InstanceIdentifier"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="otherID" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="status" type="ehvd:GDAStatus"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="firstname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="surname" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="gender" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="title" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="knownname" type="xs:string"/>
+					<xs:element maxOccurs="unbounded" minOccurs="0" name="address" type="ehvd:GdaAddress"/>
+					<xs:element maxOccurs="unbounded" minOccurs="1" name="description" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="roles" type="ehvd:GDARoles"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="relations" type="ehvd:GDARelationship"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="tel" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="fax" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="web" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="0" name="mail" type="xs:string"/>
+					<xs:element maxOccurs="1" minOccurs="1" name="timestamps" type="ehvd:GDADBTimestamps"/>
+				</xs:sequence>
+			</xs:complexType>
+
+			<xs:element name="GetGdaSearch">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="1" minOccurs="1" name="hcIdentifierSearch" type="ehvd:InstanceIdentifierSearch"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+			<xs:element name="GetGdaDescriptors">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="1" minOccurs="1" name="hcIdentifier" type="ehvd:InstanceIdentifier"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+			<xs:element name="GdaIndexResponse">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="1" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+			<xs:element name="GdaIndexResponseList">
+				<xs:complexType>
+					<xs:sequence>
+						<xs:element maxOccurs="unbounded" minOccurs="0" name="gda" type="ehvd:GdaDescriptor"/>
+					</xs:sequence>
+				</xs:complexType>
+			</xs:element>
+
+		</xs:schema>
+	</wsdl:types>
+
+	<wsdl:message name="GetGdaDescriptors">
+		<wsdl:part element="tns:GetGdaDescriptors" name="GetGdaDescriptors">
+		</wsdl:part>
+	</wsdl:message>
+
+	<wsdl:message name="GetGdaSearch">
+		<wsdl:part element="tns:GetGdaSearch" name="GetGdaSearch">
+		</wsdl:part>
+	</wsdl:message>
+
+
+	<wsdl:message name="GdaIndexResponse">
+		<wsdl:part element="tns:GdaIndexResponse" name="GdaIndexResponse">
+		</wsdl:part>
+	</wsdl:message>
+
+	<wsdl:message name="GdaIndexResponseList">
+		<wsdl:part element="tns:GdaIndexResponseList" name="GdaIndexResponseList">
+		</wsdl:part>
+	</wsdl:message>
+
+	<wsdl:portType name="eHVD">
+
+		<wsdl:documentation>eHVD Service Interfaces
+		</wsdl:documentation>
+
+		<wsdl:operation name="GetGDA">
+			<wsdl:input message="tns:GetGdaDescriptors" name="GetGdaDescriptors">
+			</wsdl:input>
+			<wsdl:output message="tns:GdaIndexResponse" name="GdaIndexResponse">
+			</wsdl:output>
+		</wsdl:operation>
+
+		<wsdl:operation name="GdaSearch">
+			<wsdl:input message="tns:GetGdaSearch" name="GetGdaSearch">
+			</wsdl:input>
+			<wsdl:output message="tns:GdaIndexResponseList" name="GdaIndexResponseList">
+			</wsdl:output>
+		</wsdl:operation>
+
+	</wsdl:portType>
+
+	<wsdl:binding name="eHVDSOAPBinding12" type="tns:eHVD">
+		<wsdl:documentation>SOAP 1.2 Binding</wsdl:documentation>
+
+		<soap12:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
+
+		<wsdl:operation name="GetGDA">
+			<soap12:operation soapAction="eHVD/GetGDA"/>
+			<wsdl:input name="GetGdaDescriptors">
+				<mime:content type="application/soap+xml"/>
+				<soap12:body use="literal"/>
+			</wsdl:input>
+			<wsdl:output name="GdaIndexResponse">
+				<soap12:body use="literal"/>
+			</wsdl:output>
+		</wsdl:operation>
+
+		<wsdl:operation name="GdaSearch">
+			<soap12:operation soapAction="eHVD/GdaSearch"/>
+			<wsdl:input name="GetGdaSearch">
+				<mime:content type="application/soap+xml"/>
+				<soap12:body use="literal"/>
+			</wsdl:input>
+			<wsdl:output name="GdaIndexResponseList">
+				<soap12:body use="literal"/>
+			</wsdl:output>
+		</wsdl:operation>
+
+	</wsdl:binding>
+
+	<wsdl:service name="eHVDService">
+		<wsdl:documentation>eHVD Service</wsdl:documentation>
+
+		<wsdl:port name="eHVDPort12" binding="tns:eHVDSOAPBinding12">
+			<soap12:address location="https://ehvdws.gesundheit.gv.at"/>
+		</wsdl:port>
+
+	</wsdl:service>
+
+</wsdl:definitions>
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
deleted file mode 100644
index 45f7a8fc4..000000000
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/InjectEhvdIdentityInformationTaskTest.java
+++ /dev/null
@@ -1,131 +0,0 @@
-package at.gv.egovernment.moa.id.auth.modules.ehvd.test;
-
-import static org.junit.Assert.assertEquals;
-import static org.junit.Assert.assertFalse;
-import static org.junit.Assert.assertNotNull;
-import static org.junit.Assert.fail;
-
-import java.io.IOException;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.xml.transform.TransformerException;
-
-import org.apache.commons.lang3.RandomStringUtils;
-import org.junit.Before;
-import org.junit.Ignore;
-import org.junit.Test;
-import org.junit.runner.RunWith;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.mock.web.MockHttpServletRequest;
-import org.springframework.mock.web.MockHttpServletResponse;
-import org.springframework.test.context.ContextConfiguration;
-import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
-import org.springframework.util.Assert;
-import org.springframework.web.context.request.RequestContextHolder;
-import org.springframework.web.context.request.ServletRequestAttributes;
-import org.w3c.dom.Element;
-
-import at.gv.egiz.eaaf.core.api.IRequest;
-import at.gv.egiz.eaaf.core.api.IRequestStorage;
-import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
-import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
-import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
-import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
-import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
-import at.gv.egiz.eaaf.core.exceptions.EAAFException;
-import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
-import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
-import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.idp.auth.data.SimpleIdentityLinkAssertionParser;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
-import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
-import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
-import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
-import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
-import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
-import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
-import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
-
-@RunWith(SpringJUnit4ClassRunner.class)
-@ContextConfiguration({
-    "/test_ehvd_service_auth.beans.xml" })
-public class InjectEhvdIdentityInformationTaskTest {
-
-  @Autowired InjectEhvdInformationTask task;
-  @Autowired DummyAuthConfigMap config;
-  @Autowired IRequestStorage storage;
-  
-  protected MockHttpServletRequest httpReq;
-  protected MockHttpServletResponse httpResp;
-  private ExecutionContext context;
-  private TestRequestImpl pendingReq;
-  private Map<String, String> spConfigMap;
-  
-  @Before
-  public void initialize() throws EAAFParserException {
-    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
-    httpResp = new MockHttpServletResponse();
-    RequestContextHolder.resetRequestAttributes();
-    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
-    
-    context = new ExecutionContextImpl();
-
-    spConfigMap = new HashMap<>();
-    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
-    
-    ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);    
-    pendingReq = new TestRequestImpl();
-    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
-    pendingReq.setSpConfig(spConfig);
-        
-    // re-set config
-    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
-    
-    //inject identityLink
-    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
-        AuthenticationSessionWrapper.class);    
-    moaSession.setIdentityLink(TestUtils.generateDummyIdl(
-        RandomStringUtils.randomAlphanumeric(10), 
-        EAAFConstants.URN_PREFIX_BASEID));
-    
-  }
-
-  @Test
-  public void noIdentityLinkInSession() {
-    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
-        AuthenticationSessionWrapper.class);
-    moaSession.setIdentityLink(null);
-    
-    try {
-      task.execute(pendingReq, context);
-      fail("wrong state not detected");
-      
-    } catch (TaskExecutionException e) {
-      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");     
-      assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId());
-      
-    }        
-  }
-  
-    
-  @Test
-  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
-    
-    task.execute(pendingReq, context);
-    
-    // validate state
-    IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
-    assertNotNull("pendingReq not stored", storedReq);
-    
-    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
-        AuthenticationSessionWrapper.class);
-    
-    assertFalse("foreign", moaSession.isForeigner());
-    assertFalse("mandate", moaSession.isMandateUsed());    
-    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());
-            
-  }
-  
-}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
new file mode 100644
index 000000000..585083a77
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
@@ -0,0 +1,141 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.net.SocketTimeoutException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.Detail;
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.annotation.IfProfileValue;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Attr;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.TypeInfo;
+import org.w3c.dom.UserDataHandler;
+
+import com.github.skjolber.mockito.soap.Soap12EndpointRule;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_qs_service_auth.beans.xml" })
+@IfProfileValue(name = "spring.profiles.active", value = "devEnvironment")
+public class InjectEhvdIdentityInformationQsSystemTest {
+
+  @Autowired
+  InjectEhvdInformationTask task;
+  @Autowired
+  DummyAuthConfigMap config;
+  @Autowired
+  IRequestStorage storage;
+
+  protected MockHttpServletRequest httpReq;
+  protected MockHttpServletResponse httpResp;
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+
+  @Before
+  public void initialize() throws EAAFParserException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+    final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+    pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(spConfig);
+
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+  }
+  
+  @Test
+  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+    // inject identityLink
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+        RandomStringUtils.randomAlphanumeric(10),
+        EAAFConstants.URN_PREFIX_BASEID));
+    
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSessionStored = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSessionStored.isForeigner());
+    assertFalse("mandate", moaSessionStored.isMandateUsed());
+    assertEquals("missing attributes", 1, moaSessionStored.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSessionStored.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    
+  }          
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
new file mode 100644
index 000000000..0c84a7bcf
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
@@ -0,0 +1,961 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.fail;
+import static org.mockito.ArgumentMatchers.any;
+import static org.mockito.Mockito.when;
+
+import java.net.SocketTimeoutException;
+import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Locale;
+import java.util.Map;
+
+import javax.xml.namespace.QName;
+import javax.xml.soap.Detail;
+import javax.xml.soap.Name;
+import javax.xml.soap.SOAPElement;
+import javax.xml.soap.SOAPException;
+import javax.xml.soap.SOAPFault;
+import javax.xml.ws.soap.SOAPFaultException;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Rule;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.mock.web.MockHttpServletRequest;
+import org.springframework.mock.web.MockHttpServletResponse;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+import org.springframework.util.Assert;
+import org.springframework.web.context.request.RequestContextHolder;
+import org.springframework.web.context.request.ServletRequestAttributes;
+import org.w3c.dom.Attr;
+import org.w3c.dom.DOMException;
+import org.w3c.dom.Document;
+import org.w3c.dom.NamedNodeMap;
+import org.w3c.dom.Node;
+import org.w3c.dom.NodeList;
+import org.w3c.dom.TypeInfo;
+import org.w3c.dom.UserDataHandler;
+
+import com.github.skjolber.mockito.soap.Soap12EndpointRule;
+
+import at.gv.egiz.eaaf.core.api.IRequest;
+import at.gv.egiz.eaaf.core.api.IRequestStorage;
+import at.gv.egiz.eaaf.core.api.data.EAAFConfigConstants;
+import at.gv.egiz.eaaf.core.api.data.EAAFConstants;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
+import at.gv.egiz.eaaf.core.exceptions.EAAFException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFParserException;
+import at.gv.egiz.eaaf.core.exceptions.PendingReqIdValidationException;
+import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
+import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
+import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class InjectEhvdIdentityInformationTaskTest {
+
+  @Autowired
+  InjectEhvdInformationTask task;
+  @Autowired
+  DummyAuthConfigMap config;
+  @Autowired
+  IRequestStorage storage;
+
+  @Rule
+  public final Soap12EndpointRule soap = Soap12EndpointRule.newInstance();
+
+  protected MockHttpServletRequest httpReq;
+  protected MockHttpServletResponse httpResp;
+  private ExecutionContext context;
+  private TestRequestImpl pendingReq;
+  private Map<String, String> spConfigMap;
+
+  private EHVD ehvdService;
+
+  @Before
+  public void initialize() throws EAAFParserException {
+    httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
+    httpResp = new MockHttpServletResponse();
+    RequestContextHolder.resetRequestAttributes();
+    RequestContextHolder.setRequestAttributes(new ServletRequestAttributes(httpReq, httpResp));
+
+    context = new ExecutionContextImpl();
+
+    spConfigMap = new HashMap<>();
+    spConfigMap.put(EAAFConfigConstants.SERVICE_UNIQUEIDENTIFIER, RandomStringUtils.randomAlphanumeric(10));
+
+    final ISPConfiguration spConfig = new DummySPConfiguration(spConfigMap, config);
+    pendingReq = new TestRequestImpl();
+    pendingReq.setPendingReqId(RandomStringUtils.randomAlphanumeric(10));
+    pendingReq.setSpConfig(spConfig);
+
+    // re-set config
+    config.putConfigValue("modules.dummyauth.enabled", String.valueOf(true));
+
+    // inject identityLink
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(TestUtils.generateDummyIdl(
+        RandomStringUtils.randomAlphanumeric(10),
+        EAAFConstants.URN_PREFIX_BASEID));
+
+    // mock EHVD service
+    ehvdService = soap.mock(EHVD.class, "http://localhost:1234/ehvd");
+
+  }
+
+  @Test
+  public void noIdentityLinkInSession() {
+    final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+    moaSession.setIdentityLink(null);
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "process.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }
+  }
+
+  @Test
+  public void noActiveGda() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(false, Arrays.asList(role1)));
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.00", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  @Test
+  public void gdaGenericServiceError() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    when(ehvdService.getGDA(any())).thenThrow(new RuntimeException("No anwser from Service"));
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  @Test
+  public void gdaServiceError() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String msg = RandomStringUtils.randomAlphabetic(10);
+    SOAPFault fault = generateSoaFault(msg);    
+    SOAPFaultException error = new SOAPFaultException(fault );    
+    when(ehvdService.getGDA(any())).thenThrow(error);
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.02", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  @Test
+  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = RandomStringUtils.randomAlphabetic(10);
+    String role2 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2)));
+
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    assertEquals("wrong role attr", 
+        role1 + ";" + role2, 
+        moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+    
+  }
+
+  private GdaIndexResponse generateGdaResponse(boolean isActive, List<String> roles) {
+    GdaIndexResponse resp = new GdaIndexResponse();
+    GdaDescriptor gda = new GdaDescriptor();        
+    resp.setGda(gda);
+    
+    GDAStatus status = new GDAStatus();
+    gda.setStatus(status);
+    status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv");
+    
+    GDARoles gdaRoles = new GDARoles();
+    gda.setRoles(gdaRoles);
+    gdaRoles.getRole().addAll(roles);
+        
+    return resp;
+  }
+  
+  private SOAPFault generateSoaFault(String msg) {
+    return new SOAPFault() {
+      
+      @Override
+      public void setIdAttributeNode(Attr idAttr, boolean isId) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdAttributeNS(String namespaceURI, String localName, boolean isId) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setIdAttribute(String name, boolean isId) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Attr setAttributeNodeNS(Attr newAttr) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Attr setAttributeNode(Attr newAttr) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setAttributeNS(String namespaceURI, String qualifiedName, String value) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setAttribute(String name, String value) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Attr removeAttributeNode(Attr oldAttr) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void removeAttributeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void removeAttribute(String name) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public boolean hasAttributeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean hasAttribute(String name) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public String getTagName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public TypeInfo getSchemaTypeInfo() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NodeList getElementsByTagNameNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NodeList getElementsByTagName(String name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Attr getAttributeNodeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Attr getAttributeNode(String name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttributeNS(String namespaceURI, String localName) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttribute(String name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Object setUserData(String key, Object data, UserDataHandler handler) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setTextContent(String textContent) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setPrefix(String prefix) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setNodeValue(String nodeValue) throws DOMException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Node replaceChild(Node newChild, Node oldChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node removeChild(Node oldChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void normalize() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public String lookupPrefix(String namespaceURI) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String lookupNamespaceURI(String prefix) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public boolean isSupported(String feature, String version) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isSameNode(Node other) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isEqualNode(Node arg) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean isDefaultNamespace(String namespaceURI) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Node insertBefore(Node newChild, Node refChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public boolean hasChildNodes() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean hasAttributes() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Object getUserData(String key) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getTextContent() throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getPreviousSibling() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getPrefix() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getParentNode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Document getOwnerDocument() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNodeValue() throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public short getNodeType() {
+        // TODO Auto-generated method stub
+        return 0;
+      }
+      
+      @Override
+      public String getNodeName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getNextSibling() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNamespaceURI() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getLocalName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getLastChild() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node getFirstChild() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Object getFeature(String feature, String version) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NodeList getChildNodes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getBaseURI() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public NamedNodeMap getAttributes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public short compareDocumentPosition(Node other) throws DOMException {
+        // TODO Auto-generated method stub
+        return 0;
+      }
+      
+      @Override
+      public Node cloneNode(boolean deep) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Node appendChild(Node newChild) throws DOMException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setValue(String value) {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setParentElement(SOAPElement parent) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void recycleNode() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public String getValue() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement getParentElement() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void detachNode() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setEncodingStyle(String encodingStyle) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public SOAPElement setElementQName(QName newName) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public boolean removeNamespaceDeclaration(String prefix) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public void removeContents() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public boolean removeAttribute(QName qname) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public boolean removeAttribute(Name name) {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Iterator getVisibleNamespacePrefixes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getNamespaceURI(String prefix) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getNamespacePrefixes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getEncodingStyle() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public QName getElementQName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Name getElementName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getChildElements(QName qname) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getChildElements(Name name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getChildElements() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttributeValue(QName qname) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getAttributeValue(Name name) {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getAllAttributesAsQNames() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getAllAttributes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public QName createQName(String localName, String prefix) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addTextNode(String text) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addNamespaceDeclaration(String prefix, String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(String localName, String prefix, String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(String localName, String prefix) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(SOAPElement element) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(String localName) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(QName qname) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addChildElement(Name name) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addAttribute(QName qname, String value) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public SOAPElement addAttribute(Name name, String value) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void setFaultString(String faultString, Locale locale) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultString(String faultString) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultRole(String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultNode(String uri) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultCode(String faultCode) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultCode(QName faultCodeQName) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultCode(Name faultCodeQName) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void setFaultActor(String faultActor) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void removeAllFaultSubcodes() {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public boolean hasDetail() {
+        // TODO Auto-generated method stub
+        return false;
+      }
+      
+      @Override
+      public Iterator getFaultSubcodes() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Locale getFaultStringLocale() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultString() {
+        return msg;
+        
+      }
+      
+      @Override
+      public String getFaultRole() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getFaultReasonTexts() throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultReasonText(Locale locale) throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Iterator getFaultReasonLocales() throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultNode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public QName getFaultCodeAsQName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Name getFaultCodeAsName() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultCode() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public String getFaultActor() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public Detail getDetail() {
+        // TODO Auto-generated method stub
+        return null;
+      }
+      
+      @Override
+      public void appendFaultSubcode(QName subcode) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public void addFaultReasonText(String text, Locale locale) throws SOAPException {
+        // TODO Auto-generated method stub
+        
+      }
+      
+      @Override
+      public Detail addDetail() throws SOAPException {
+        // TODO Auto-generated method stub
+        return null;
+      }
+    };
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
index 399980dbf..387aca540 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/utils/MoaStatusMessagerTest.java
@@ -39,7 +39,7 @@ public class MoaStatusMessagerTest {
   @Test
   public void checkErrorMessages() {
     assertEquals("new error msg", 
-        "GDA Status inaktiv", messager.getMessage("ehvd.00", null));
+        "Für den abgefragtem GDA liegt keine Berechtigung vor", messager.getMessage("ehvd.00", null));
     assertEquals("new error msg", 
         "Allgemeiner Fehler bei der Abfrage des EHVD Service", messager.getMessage("ehvd.99", null));
     
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
new file mode 100644
index 000000000..547401cc3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/com/github/skjolber/mockito/soap/Soap12EndpointRule.java
@@ -0,0 +1,195 @@
+package com.github.skjolber.mockito.soap;
+
+import java.io.IOException;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+
+import javax.xml.ws.soap.SOAPBinding;
+import javax.xml.ws.spi.Provider;
+
+import org.apache.cxf.Bus;
+import org.apache.cxf.endpoint.EndpointException;
+import org.apache.cxf.endpoint.ServerImpl;
+import org.apache.cxf.jaxws.EndpointImpl;
+import org.apache.cxf.jaxws.JaxWsServerFactoryBean;
+import org.apache.cxf.jaxws.support.JaxWsServiceFactoryBean;
+import org.apache.cxf.service.ServiceImpl;
+import org.apache.cxf.service.model.EndpointInfo;
+import org.apache.cxf.transport.ChainInitiationObserver;
+import org.apache.cxf.transport.Destination;
+import org.apache.cxf.transport.DestinationFactory;
+import org.apache.cxf.transport.DestinationFactoryManager;
+
+
+/**
+ * Fork of {@link SoapEndpointRule} that set <i>endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING)</i> 
+ * into {@link EndpointImpl}.
+ * 
+ * @author tlenz
+ *
+ */
+public class Soap12EndpointRule extends SoapServerRule {
+  private static final int PORT_RANGE_START = 1024 + 1;
+  private static final int PORT_RANGE_END = PortManager.PORT_RANGE_MAX;
+
+  public static Soap12EndpointRule newInstance() {
+    return new Soap12EndpointRule();
+  }
+
+  private final Map<String, EndpointImpl> endpoints = new HashMap<>();
+
+  private PortManager<Destination> portManager;
+
+  public Soap12EndpointRule() {
+    this(PORT_RANGE_START, PORT_RANGE_END);
+  }
+
+  public Soap12EndpointRule(String... portNames) {
+    this(PORT_RANGE_START, PORT_RANGE_END, portNames);
+  }
+
+  public Soap12EndpointRule(int portRangeStart, int portRangeEnd, String... portNames) {
+    portManager = new PortManager<Destination>(portRangeStart, portRangeEnd) {
+      @Override
+      public Destination reserve(int port) throws Exception {
+        return createDestination(port);
+      }
+
+      @Override
+      public void release(Destination destination) {
+        destination.shutdown();
+      }
+    };
+
+    portManager.add(portNames);
+  }
+
+  /**
+   * Returns the port number that was reserved for the given name.
+   *
+   * @param portName port name
+   * @return a valid port number if the port has been reserved, -1 otherwise
+   */
+  public int getPort(String portName) {
+    return portManager.getPort(portName);
+  }
+
+  /**
+   * Returns all port names and respective port numbers.
+   *
+   * @return a map of port name and port value (a valid port number if the port
+   *         has been reserved, or -1 otherwise)
+   */
+  public Map<String, Integer> getPorts() {
+    return portManager.getPorts();
+  }
+
+  /**
+   * Attempt to reserve a port by starting a server.
+   *
+   * @param port port to reserve
+   * @return destination if successful
+   * @throws IOException
+   * @throws EndpointException
+   */
+  private Destination createDestination(int port) throws IOException, EndpointException {
+    final JaxWsServiceFactoryBean jaxWsServiceFactoryBean = new JaxWsServiceFactoryBean();
+
+    final JaxWsServerFactoryBean serverFactoryBean = new JaxWsServerFactoryBean(jaxWsServiceFactoryBean);
+    final Bus bus = serverFactoryBean.getBus();
+
+    final String address = "http://localhost:" + port;
+    serverFactoryBean.setAddress(address);
+
+    final DestinationFactory destinationFactory = bus.getExtension(DestinationFactoryManager.class)
+        .getDestinationFactoryForUri(address);
+
+    final EndpointInfo ei = new EndpointInfo(null, Integer.toString(port));
+    ei.setAddress(address);
+
+    final Destination destination = destinationFactory.getDestination(ei, bus);
+
+    final ServiceImpl serviceImpl = new ServiceImpl();
+
+    final org.apache.cxf.endpoint.Endpoint endpoint = new org.apache.cxf.endpoint.EndpointImpl(bus,
+        serviceImpl, ei);
+    destination.setMessageObserver(new ChainInitiationObserver(endpoint, bus));
+    return destination;
+  }
+
+  @Override
+  public <T> void proxy(T target, Class<T> port, String address, String wsdlLocation,
+      List<String> schemaLocations, Map<String, Object> properties) {
+    assertValidParams(target, port, address);
+
+    if (endpoints.containsKey(address)) {
+      throw new IllegalArgumentException("Endpoint " + address + " already exists");
+    }
+
+    final T serviceInterface = SoapServiceProxy.newInstance(target);
+
+    final EndpointImpl endpoint = (EndpointImpl) Provider.provider().createEndpoint(null, serviceInterface);
+    endpoint.setBindingUri(SOAPBinding.SOAP12HTTP_BINDING);
+
+    if (wsdlLocation != null) {
+      endpoint.setWsdlLocation(wsdlLocation);
+    }
+
+    if (schemaLocations != null) {
+      endpoint.setSchemaLocations(schemaLocations);
+    }
+
+    endpoint.setProperties(processProperties(properties, wsdlLocation, schemaLocations));
+
+    final Destination destination = portManager.getData(parsePort(address));
+    if (destination != null) {
+      final ServerImpl server = endpoint.getServer();
+      server.setDestination(destination);
+    }
+
+    endpoint.publish(address);
+
+    endpoints.put(address, endpoint);
+  }
+
+  @Override
+  protected void before() {
+    // reserve all ports
+    portManager.start();
+  }
+
+  @Override
+  protected void after() {
+    destroy();
+  }
+
+  /**
+   * Stop and remove endpoints, keeping port reservations.
+   */
+  public void clear() {
+    endpoints.values().forEach(EndpointImpl::stop);
+    endpoints.clear();
+  }
+
+  @Override
+  public void destroy() {
+    endpoints.values().forEach(endpoint -> {
+      endpoint.stop();
+      endpoint.getBus().shutdown(true);
+    });
+    endpoints.clear();
+    portManager.stop();
+  }
+
+  @Override
+  public void stop() {
+    endpoints.values().forEach(endpoint -> endpoint.getServer().stop());
+  }
+
+  @Override
+  public void start() {
+    // republish
+    endpoints.values().forEach(endpoint -> endpoint.getServer().start());
+  }
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
index bc71dc6ab..43e900f4b 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -3,3 +3,6 @@ modules.ehvd.sp.1=aaabbccddeeffgg
 modules.ehvd.sp.2=yyasdfasfsa2323
 modules.ehvd.sp.3=
 modules.ehvd.sp.4=435344534egewgegf
+
+modules.ehvd.service.url=http://localhost:1234/ehvd
+#modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
new file mode 100644
index 000000000..13ecdab2b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
@@ -0,0 +1,8 @@
+modules.ehvd.enabled=true
+modules.ehvd.sp.1=aaabbccddeeffgg
+modules.ehvd.sp.2=yyasdfasfsa2323
+modules.ehvd.sp.3=
+modules.ehvd.sp.4=435344534egewgegf
+
+modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+modules.ehvd.proxy.socks.port=12345
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml
new file mode 100644
index 000000000..0595d4eb4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/test_ehvd_qs_service_auth.beans.xml
@@ -0,0 +1,19 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<beans xmlns="http://www.springframework.org/schema/beans"
+	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xmlns:context="http://www.springframework.org/schema/context"
+	xmlns:tx="http://www.springframework.org/schema/tx"
+	xmlns:aop="http://www.springframework.org/schema/aop"
+	xsi:schemaLocation="http://www.springframework.org/schema/aop http://www.springframework.org/schema/aop/spring-aop-3.1.xsd
+		http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
+		http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context-3.1.xsd
+		http://www.springframework.org/schema/tx http://www.springframework.org/schema/tx/spring-tx-3.0.xsd">
+
+	<import resource="classpath:/SpringTest-context_authManager.xml" />	
+	<import resource="classpath:/moaid_ehvd_service_auth.beans.xml" />
+
+	<bean id="dummyConfig" class="at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap">
+		<constructor-arg name="path" value="/config/config_qs_service.properties" />
+	</bean>
+ 																												
+</beans>
\ No newline at end of file
-- 
cgit v1.2.3


From 7abe41afdb6f454e02126dbc90fb0352d0d15f74 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 30 Jul 2021 09:16:47 +0200
Subject: throw a specific error in case of a EHVD response that contains no
 GDA information

---
 .../modules/ehvd/service/EhvdCommunicationService.java  | 12 +++++-------
 .../resources/properties/id_messages.properties         |  1 +
 .../properties/protocol_response_statuscodes.properties |  1 +
 .../InjectEhvdIdentityInformationQsSystemTest.java      |  4 ++--
 .../tasks/InjectEhvdIdentityInformationTaskTest.java    | 17 +++++++++++++++++
 5 files changed, 26 insertions(+), 9 deletions(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index ab4a70751..2ef79a141 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -51,6 +51,7 @@ public class EhvdCommunicationService implements IEhvdCommunication {
   private static final String ERROR_EHVD_00 = "ehvd.00";
   private static final String ERROR_EHVD_01 = "ehvd.01";
   private static final String ERROR_EHVD_02 = "ehvd.02";
+  private static final String ERROR_EHVD_03 = "ehvd.03";
   private static final String ERROR_CONFIG_05 = "config.05";
 
   @Autowired
@@ -100,8 +101,7 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       // extract reason for this error 
       String errorMsg = e.getFault() != null 
           ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() : e.getMessage() 
-          : e.getMessage();
-      
+          : e.getMessage();      
       Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);      
       throw new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg}, e);
       
@@ -127,13 +127,11 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       }
 
     } else {
-      Logger.debug("Receive empty GDA response");
-      // TODO: what we to in case of empty response?
+      Logger.info("Receive empty GDA response");
+      throw new EhvdException(ERROR_EHVD_03, new Object[] {});
+      
 
     }
-
-    return Collections.emptyList();
-
   }
 
   private GetGdaDescriptors buildGdaRequest(String bPK) {
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
index 104342a9d..643893413 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -1,5 +1,6 @@
 ehvd.00=Für den abgefragtem GDA liegt keine Berechtigung vor
 ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
 ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
+ehvd.03=Antwort des EHVD Service beinhaltet keine GDA Informationen
 
 ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
index 400994330..72048b8e3 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -4,4 +4,5 @@ test.02=zzzyyyxxx
 ehvd.00=7000
 ehvd.01=7001
 ehvd.02=7001
+ehvd.03=7001
 ehvd.99=7099
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
index 585083a77..e77e2db58 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
@@ -120,8 +120,8 @@ public class InjectEhvdIdentityInformationQsSystemTest {
     final AuthenticationSessionWrapper moaSession = pendingReq.getSessionData(
         AuthenticationSessionWrapper.class);
     moaSession.setIdentityLink(TestUtils.generateDummyIdl(
-        RandomStringUtils.randomAlphanumeric(10),
-        EAAFConstants.URN_PREFIX_BASEID));
+        "SUTFhJ/FXHmLGfTFchYnnWG/e3A=",
+        EAAFConstants.URN_PREFIX_CDID + "GH"));
     
     task.execute(pendingReq, context);
 
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
index 0c84a7bcf..8620ef98b 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
@@ -196,6 +196,23 @@ public class InjectEhvdIdentityInformationTaskTest {
     }    
   }
   
+  @Test
+  public void noGdaInfosInResponse() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response    
+    GdaIndexResponse gdaResponse = new GdaIndexResponse();
+    when(ehvdService.getGDA(any())).thenReturn(gdaResponse);
+
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.03", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
   @Test
   public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
     // set-up EHVD response
-- 
cgit v1.2.3


From eed64f78c6e0dd37145b373d7218c07c0f4a8a33 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 30 Jul 2021 11:16:49 +0200
Subject: do not forward SOAP exception into MOA-ID exception handling because
 child objects of SOAP exceptions are not serializable

---
 .../ehvd/service/EhvdCommunicationService.java     |  2 +-
 .../InjectEhvdIdentityInformationQsSystemTest.java | 30 ++++++++++++++++++++++
 .../resources/config/config_qs_service.properties  |  1 +
 3 files changed, 32 insertions(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index 2ef79a141..51bae6dfd 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -103,7 +103,7 @@ public class EhvdCommunicationService implements IEhvdCommunication {
           ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() : e.getMessage() 
           : e.getMessage();      
       Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);      
-      throw new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg}, e);
+      throw new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg});
       
     } catch (final Exception e) {
       Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e);
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
index e77e2db58..8bccefc8d 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationQsSystemTest.java
@@ -25,6 +25,7 @@ import javax.xml.ws.soap.SOAPFaultException;
 
 import org.apache.commons.lang3.RandomStringUtils;
 import org.junit.Before;
+import org.junit.BeforeClass;
 import org.junit.Rule;
 import org.junit.Test;
 import org.junit.runner.RunWith;
@@ -92,6 +93,35 @@ public class InjectEhvdIdentityInformationQsSystemTest {
   private TestRequestImpl pendingReq;
   private Map<String, String> spConfigMap;
 
+  @BeforeClass
+  public static void classInitializer() {
+    System.setProperty(
+        "https.cipherSuites",
+            //high secure RSA bases ciphers
+            "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
+            ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
+            ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
+            ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
+        
+            //high secure ECC bases ciphers
+            ",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384" +
+            ",TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" +
+            ",TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384" +
+            ",TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256" +
+            ",TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256" +
+             
+            //secure backup chipers
+            ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA" +
+            ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA" +
+            ",TLS_RSA_WITH_AES_128_CBC_SHA" +
+            ",TLS_RSA_WITH_AES_256_CBC_SHA"                                   
+            );
+    
+  }
+  
   @Before
   public void initialize() throws EAAFParserException {
     httpReq = new MockHttpServletRequest("POST", "https://localhost/authhandler");
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
index 13ecdab2b..2f6c45365 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
@@ -5,4 +5,5 @@ modules.ehvd.sp.3=
 modules.ehvd.sp.4=435344534egewgegf
 
 modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+#modules.ehvd.service.bpk.target=
 modules.ehvd.proxy.socks.port=12345
-- 
cgit v1.2.3


From e8fba75fda7841ba9ad584553abf23be1adee0ef Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 30 Jul 2021 11:18:15 +0200
Subject: fix bug in definition of allowed SSL CipherSuites that results in a
 error during SSL hand-shake

---
 .../java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java  | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
index b0f452861..baf4349e8 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/auth/MOAIDAuthInitializer.java
@@ -77,10 +77,10 @@ public class MOAIDAuthInitializer {
         	System.setProperty(
         			"https.cipherSuites",
         					//high secure RSA bases ciphers
-							",TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
-							",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
-							",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
-        					",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
+							    "TLS_DHE_RSA_WITH_AES_256_GCM_SHA384" +
+							    ",TLS_DHE_RSA_WITH_AES_128_GCM_SHA256" +
+							    ",TLS_DHE_RSA_WITH_AES_256_CBC_SHA256" +
+        				  ",TLS_DHE_RSA_WITH_AES_128_CBC_SHA256" +
 							
         					//high secure ECC bases ciphers
         					",TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384" +
-- 
cgit v1.2.3


From ef16b7e22800a5b200e58dd83fc406bb94dd671a Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Fri, 30 Jul 2021 11:28:23 +0200
Subject: Log some EHVD faults on INFO level because they are well known

---
 .../ehvd/service/EhvdCommunicationService.java     | 35 +++++++++++++++++-----
 1 file changed, 28 insertions(+), 7 deletions(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index 51bae6dfd..a25a7f421 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -5,6 +5,7 @@ import java.util.ArrayList;
 import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Set;
 
 import javax.annotation.Nonnull;
 import javax.annotation.PostConstruct;
@@ -19,6 +20,8 @@ import org.apache.cxf.transport.http.HTTPConduit;
 import org.apache.cxf.transports.http.configuration.ProxyServerType;
 import org.springframework.beans.factory.annotation.Autowired;
 
+import com.google.common.collect.Sets;
+
 import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
@@ -53,7 +56,9 @@ public class EhvdCommunicationService implements IEhvdCommunication {
   private static final String ERROR_EHVD_02 = "ehvd.02";
   private static final String ERROR_EHVD_03 = "ehvd.03";
   private static final String ERROR_CONFIG_05 = "config.05";
-
+  
+  private static final Set<String> SERVICE_ERRORS_LOG_INFO = Sets.newHashSet("6002");
+  
   @Autowired
   IConfiguration config;
 
@@ -98,12 +103,7 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       return gdaResp;
 
     } catch  (final SOAPFaultException e) {
-      // extract reason for this error 
-      String errorMsg = e.getFault() != null 
-          ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() : e.getMessage() 
-          : e.getMessage();      
-      Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);      
-      throw new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg});
+      throw handleSoapFaultError(e);
       
     } catch (final Exception e) {
       Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e);
@@ -113,6 +113,27 @@ public class EhvdCommunicationService implements IEhvdCommunication {
 
   }
 
+  private EhvdException handleSoapFaultError(SOAPFaultException e) {
+    // extract reason for this error 
+    String errorMsg = e.getFault() != null 
+        ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() : e.getMessage() 
+        : e.getMessage();
+    
+    if (SERVICE_ERRORS_LOG_INFO.stream()
+            .filter(el -> errorMsg.contains(el))
+            .findFirst()
+            .isPresent()) {
+      Logger.info("EHVD communication failed with SOAP response: " + errorMsg);  
+      
+    } else {
+      Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);
+      
+    }    
+          
+    return new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg});
+   
+  }
+
   private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException {
     if (ehvdResp.getGda() != null) {
       final GdaDescriptor gdaInfo = ehvdResp.getGda();
-- 
cgit v1.2.3


From 031d236181704248475554ebf7ae373096637a4f Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 8 Sep 2021 13:45:25 +0200
Subject: update EHVD Role filtering and mapping

---
 .../auth/modules/ehvd/ConfigurationProperties.java |   3 +
 .../auth/modules/ehvd/EhvdServiceAuthModule.java   |  10 +-
 .../EhvdServiceAuthSpringResourceProvider.java     |  55 +++++-----
 .../ehvd/attributes/PvpRoleAttributeBuilder.java   |  25 +++--
 .../auth/modules/ehvd/exception/EhvdException.java |   4 +-
 .../ehvd/service/EhvdCommunicationService.java     | 111 ++++++++++++++++-----
 .../modules/ehvd/service/IEhvdCommunication.java   |   6 +-
 .../ehvd/task/InjectEhvdInformationTask.java       |  36 +++----
 .../resources/properties/id_messages.properties    |   1 +
 .../protocol_response_statuscodes.properties       |   1 +
 .../attributes/PvpRoleAttributeBuilderTest.java    |  26 +++++
 .../InjectEhvdIdentityInformationTaskTest.java     |  80 ++++++++++++++-
 .../src/test/resources/config/config1.properties   |   3 +
 13 files changed, 268 insertions(+), 93 deletions(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
index 07d65f2f5..035e59387 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -34,6 +34,9 @@ public class ConfigurationProperties {
 
   public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
   public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url";
+  public static final String PROP_MODULE_EHVD_ROLE_REGEX = MODULE_PREFIX + "service.role.regex";
+
+  public static final String PROP_MODULE_PVP_ROLE = MODULE_PREFIX + "role.pvp";
 
   public static final String PROP_MODULE_PROXY_SOCKS_PORT = MODULE_PREFIX + "proxy.socks.port";
 
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
index 917c226a2..d087b9fe2 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthModule.java
@@ -107,20 +107,20 @@ public class EhvdServiceAuthModule extends DefaultCitizenCardAuthModuleImpl {
 
     if (authConfig.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
       final String spEntityID = pendingReq.getServiceProviderConfiguration().getUniqueIdentifier();
-      Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ....");      
-      boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq));
+      Logger.trace("Checking EHVD communication for SP: " + spEntityID + " ....");
+      final boolean ccAuthRequested = StringUtils.isNotEmpty(super.selectProcess(context, pendingReq));
       if (uniqueIDsEnabled.contains(spEntityID) && ccAuthRequested) {
-        Logger.debug("EHVD communication is allowed for SP: " + spEntityID);                  
+        Logger.debug("EHVD communication is allowed for SP: " + spEntityID);
         return "DefaultAuthenticationWithEHVDInteraction";
 
       } else {
         if (Logger.isDebugEnabled()) {
           if (ccAuthRequested) {
             Logger.debug("Unique SP-Id: " + spEntityID + " is not in whitelist for EHVD communication.");
-          
+
           } else {
             Logger.trace("No CititzenCard authentication requested. EHVD communication skipped too");
-          
+
           }
         }
       }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
index ea0695a1a..589a316fe 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/EhvdServiceAuthSpringResourceProvider.java
@@ -33,30 +33,39 @@ import at.gv.egiz.components.spring.api.SpringResourceProvider;
  */
 public class EhvdServiceAuthSpringResourceProvider implements SpringResourceProvider {
 
-	/* (non-Javadoc)
-	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
-	 */
-	@Override
-	public Resource[] getResourcesToLoad() {
-		ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml", EhvdServiceAuthSpringResourceProvider.class);							
-		return new Resource[] {authConfig};
-	}
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egiz.components.spring.api.SpringResourceProvider#getResourcesToLoad()
+   */
+  @Override
+  public Resource[] getResourcesToLoad() {
+    final ClassPathResource authConfig = new ClassPathResource("/moaid_ehvd_service_auth.beans.xml",
+        EhvdServiceAuthSpringResourceProvider.class);
+    return new Resource[] { authConfig };
+  }
 
-	/* (non-Javadoc)
-	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
-	 */
-	@Override
-	public String[] getPackagesToScan() {
-		// TODO Auto-generated method stub
-		return null;
-	}
+  /*
+   * (non-Javadoc)
+   *
+   * @see
+   * at.gv.egiz.components.spring.api.SpringResourceProvider#getPackagesToScan()
+   */
+  @Override
+  public String[] getPackagesToScan() {
+    // TODO Auto-generated method stub
+    return null;
+  }
 
-	/* (non-Javadoc)
-	 * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
-	 */
-	@Override
-	public String getName() {
-		return "Module for 'Dummy Authentication'";
-	}
+  /*
+   * (non-Javadoc)
+   *
+   * @see at.gv.egiz.components.spring.api.SpringResourceProvider#getName()
+   */
+  @Override
+  public String getName() {
+    return "Module for 'Dummy Authentication'";
+  }
 
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
index 0f1c96aa8..a79aa86dd 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/PvpRoleAttributeBuilder.java
@@ -15,44 +15,43 @@ import at.gv.egovernment.moa.logging.Logger;
 public class PvpRoleAttributeBuilder implements IPVPAttributeBuilder {
 
   private static final String ROLE_NAME_DELIMITER = ";";
-  
+
   @Override
   public <ATT> ATT build(ISPConfiguration oaParam, IAuthData authData,
       IAttributeGenerator<ATT> g) throws AttributeBuilderException {
     if (authData instanceof IMOAAuthData) {
-      IMOAAuthData moaAuthData = (IMOAAuthData)authData;
-      if (moaAuthData.getAuthenticationRoles() != null 
+      final IMOAAuthData moaAuthData = (IMOAAuthData) authData;
+      if (moaAuthData.getAuthenticationRoles() != null
           && !moaAuthData.getAuthenticationRoles().isEmpty()) {
         return g.buildStringAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME,
             moaAuthData.getAuthenticationRoles().stream()
                 .map(el -> el.getRawRoleString())
                 .collect(Collectors.joining(ROLE_NAME_DELIMITER)));
-        
-        
+
       } else {
         Logger.trace("No PVP roles available. Skipping attribute: " + ROLES_FRIENDLY_NAME);
-        
+
       }
-            
+
     } else {
       Logger.info("Attribute: " + ROLES_FRIENDLY_NAME + " is only available in MOA-ID context");
-      
+
     }
-       
+
     return null;
-    
+
   }
 
   @Override
   public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
     return g.buildEmptyAttribute(ROLES_FRIENDLY_NAME, ROLES_NAME);
-    
+
   }
 
   @Override
   public String getName() {
     return ROLES_NAME;
-    
+
   }
-  
+
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
index daab154bc..f621d1bb4 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/exception/EhvdException.java
@@ -2,7 +2,7 @@ package at.gv.egovernment.moa.id.auth.modules.ehvd.exception;
 
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 
-public class EhvdException extends AuthenticationException{
+public class EhvdException extends AuthenticationException {
 
   private static final long serialVersionUID = 380654627005502948L;
 
@@ -15,5 +15,5 @@ public class EhvdException extends AuthenticationException{
     super(messageId, parameters, e);
 
   }
-  
+
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index a25a7f421..900adaff7 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -2,10 +2,12 @@ package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
 
 import java.net.URL;
 import java.util.ArrayList;
-import java.util.Collections;
 import java.util.List;
 import java.util.Map;
+import java.util.Optional;
 import java.util.Set;
+import java.util.regex.Matcher;
+import java.util.regex.Pattern;
 
 import javax.annotation.Nonnull;
 import javax.annotation.PostConstruct;
@@ -29,6 +31,7 @@ import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
 import at.gv.egiz.eaaf.core.exceptions.EAAFConfigurationException;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
+import at.gv.egiz.eaaf.core.impl.utils.KeyValueUtils;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
@@ -55,16 +58,20 @@ public class EhvdCommunicationService implements IEhvdCommunication {
   private static final String ERROR_EHVD_01 = "ehvd.01";
   private static final String ERROR_EHVD_02 = "ehvd.02";
   private static final String ERROR_EHVD_03 = "ehvd.03";
+  private static final String ERROR_EHVD_04 = "ehvd.04";
   private static final String ERROR_CONFIG_05 = "config.05";
-  
+
   private static final Set<String> SERVICE_ERRORS_LOG_INFO = Sets.newHashSet("6002");
-  
+
   @Autowired
   IConfiguration config;
 
   private String ehvdBpkTarget;
 
   private EHVD ehvdClient;
+  private Pattern ehvdRolePattern;
+
+  private List<String> ehvhPvpRoleList;
 
   /**
    * Get user's GDA roles from EHVD Service.
@@ -102,9 +109,9 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       Logger.debug("Receive GDA status. Starting response validation ... ");
       return gdaResp;
 
-    } catch  (final SOAPFaultException e) {
+    } catch (final SOAPFaultException e) {
       throw handleSoapFaultError(e);
-      
+
     } catch (final Exception e) {
       Logger.error("EHVD communication failed with generic error: " + e.getMessage(), e);
       throw new EhvdException(ERROR_EHVD_01, new Object[] {}, e);
@@ -114,24 +121,25 @@ public class EhvdCommunicationService implements IEhvdCommunication {
   }
 
   private EhvdException handleSoapFaultError(SOAPFaultException e) {
-    // extract reason for this error 
-    String errorMsg = e.getFault() != null 
-        ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString() : e.getMessage() 
+    // extract reason for this error
+    final String errorMsg = e.getFault() != null
+        ? StringUtils.isNotEmpty(e.getFault().getFaultString()) ? e.getFault().getFaultString()
+            : e.getMessage()
         : e.getMessage();
-    
+
     if (SERVICE_ERRORS_LOG_INFO.stream()
-            .filter(el -> errorMsg.contains(el))
-            .findFirst()
-            .isPresent()) {
-      Logger.info("EHVD communication failed with SOAP response: " + errorMsg);  
-      
+        .filter(el -> errorMsg.contains(el))
+        .findFirst()
+        .isPresent()) {
+      Logger.info("EHVD communication failed with SOAP response: " + errorMsg);
+
     } else {
       Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);
-      
-    }    
-          
-    return new EhvdException(ERROR_EHVD_02, new Object[] {errorMsg});
-   
+
+    }
+
+    return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg });
+
   }
 
   private List<String> parseGdaResponse(GdaIndexResponse ehvdResp) throws EhvdException {
@@ -139,7 +147,24 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       final GdaDescriptor gdaInfo = ehvdResp.getGda();
       if (GDA_RESP_STATUS_ACTIVE.equals(gdaInfo.getStatus().getEhvdstatus())) {
         Logger.debug("Find #" + gdaInfo.getRoles().getRole().size() + " roles");
-        return gdaInfo.getRoles().getRole();
+
+        // match roles with regex from configuration
+        final Optional<String> validGdaRole = gdaInfo.getRoles().getRole().stream()
+            .filter(el -> matchGdaRole(el))
+            .findFirst();
+
+        if (validGdaRole.isPresent()) {
+          Logger.info("Find valid GDA role: " + validGdaRole.get() + " Set PVP Role: "
+              + StringUtils.join(ehvhPvpRoleList, ",") + " into Session");
+
+          // set role into response
+          return ehvhPvpRoleList;
+
+        } else {
+          Logger.info("No valid GDA role in EHVD response");
+          throw new EhvdException(ERROR_EHVD_04, null);
+
+        }
 
       } else {
         Logger.info("GDA is marked as 'inactive'. Stopping process with an error ... ");
@@ -150,11 +175,19 @@ public class EhvdCommunicationService implements IEhvdCommunication {
     } else {
       Logger.info("Receive empty GDA response");
       throw new EhvdException(ERROR_EHVD_03, new Object[] {});
-      
 
     }
   }
 
+  private boolean matchGdaRole(String role) {
+    final Matcher matcher = ehvdRolePattern.matcher(role);
+    final boolean matches = matcher.matches();
+    Logger.trace(matches ? "EHVD role: " + role + " matches"
+        : "EHVD role: " + role + " does not matche to pattern: " + matcher.toString());
+    return matches;
+
+  }
+
   private GetGdaDescriptors buildGdaRequest(String bPK) {
     final GetGdaDescriptors req = new GetGdaDescriptors();
     final InstanceIdentifier gdaIdentifier = new InstanceIdentifier();
@@ -170,17 +203,45 @@ public class EhvdCommunicationService implements IEhvdCommunication {
     if (config.getBasicConfigurationBoolean(ConfigurationProperties.PROP_MODULE_ENABLED, false)) {
       initializeEhvdClient();
 
+      // load EHVD bPK target
       ehvdBpkTarget = config.getBasicConfiguration(
           ConfigurationProperties.PROP_MODULE_SERVICE_TARGET,
           ConfigurationProperties.DEFAULT_EHVD_SERVICE_TARGET);
       Logger.info("Set-up EHVD Client with bPK target: " + ehvdBpkTarget);
 
+      // load Regex to match EHVD Roles to PVP Roles
+      final String ehvdRoleRegex = config.getBasicConfiguration(
+          ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX);
+      checkConfigPropertyNotNull(ehvdRoleRegex, ConfigurationProperties.PROP_MODULE_EHVD_ROLE_REGEX);
+      ehvdRolePattern = Pattern.compile(ehvdRoleRegex);
+
+      Logger.info("Set-up EHVD Client with Role regex: " + ehvdRolePattern.toString());
+
+      // load PVP Roles for EHVD integration
+      final String ehvdPvpRole = config.getBasicConfiguration(
+          ConfigurationProperties.PROP_MODULE_PVP_ROLE);
+      checkConfigPropertyNotNull(ehvdPvpRole, ConfigurationProperties.PROP_MODULE_PVP_ROLE);
+      ehvhPvpRoleList = KeyValueUtils.getListOfCSVValues(ehvdPvpRole);
+      Logger.info("Set-up EHVD module with PVP Role: " + StringUtils.join(ehvhPvpRoleList, ","));
+
     } else {
       Logger.info("Skipping EHVD client because it's not active");
 
     }
   }
 
+  private void checkConfigPropertyNotNull(String valueToCheck, String configPropName)
+      throws EAAFConfigurationException {
+    if (StringUtils.isEmpty(valueToCheck)) {
+      Logger.error("Missing configuration for EHVD module. "
+          + "(Property: " + configPropName + ")");
+      throw new EAAFConfigurationException(ERROR_CONFIG_05,
+          new Object[] { configPropName });
+
+    }
+
+  }
+
   private void initializeEhvdClient() throws EAAFConfigurationException {
     Logger.debug("Initializing EHVD client ... ");
     final URL url = EhvdCommunicationService.class.getResource("/wsdl/eHVD.wsdl");
@@ -214,9 +275,9 @@ public class EhvdCommunicationService implements IEhvdCommunication {
 
     Logger.info("Initialize EHVD Client with service end-point: " + ehvdEndpointUrl);
 
-
     // these code is only for local testing
-    String socksPort = config.getBasicConfiguration(ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT);
+    final String socksPort = config.getBasicConfiguration(
+        ConfigurationProperties.PROP_MODULE_PROXY_SOCKS_PORT);
     if (StringUtils.isNotEmpty(socksPort)) {
       Logger.warn("Injecting SOCKS5 Proxy for service communication!");
       final Client client = ClientProxy.getClient(ehvdClient);
@@ -224,9 +285,9 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       http.getClient().setProxyServerType(ProxyServerType.SOCKS);
       http.getClient().setProxyServer("127.0.0.1");
       http.getClient().setProxyServerPort(Integer.valueOf(socksPort));
-      
+
     }
-    
+
   }
 
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
index 8a9c7db5c..2d9291ed7 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
@@ -2,8 +2,6 @@ package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
 
 import java.util.List;
 
-import javax.annotation.Nonnull;
-
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
@@ -12,11 +10,11 @@ public interface IEhvdCommunication {
 
   /**
    * Get user's GDA roles from EHVD Service.
-   * 
+   *
    * @param identityLink IdentityLink of the user
    * @return {@link List} of Roles that are received from EHVD
    * @throws AuthenticationException In case of an EHVD communication error
-   * @throws EAAFBuilderException  In case of a bPK generation error
+   * @throws EAAFBuilderException    In case of a bPK generation error
    */
   List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
 
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
index b44863b80..8f22c6ffc 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
@@ -31,16 +31,14 @@ import org.apache.commons.lang3.StringUtils;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
+import at.gv.egiz.eaaf.core.api.data.PVPAttributeDefinitions;
 import at.gv.egiz.eaaf.core.api.idp.process.ExecutionContext;
 import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
-import at.gv.egiz.eaaf.core.impl.data.Pair;
-import at.gv.egiz.eaaf.core.impl.idp.auth.builder.BPKBuilder;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
-import at.gv.egovernment.moa.id.protocols.pvp2x.PVPConstants;
 import at.gv.egovernment.moa.logging.Logger;
 
 /**
@@ -50,8 +48,9 @@ import at.gv.egovernment.moa.logging.Logger;
 @Component("InjectEhvdInformationTask")
 public class InjectEhvdInformationTask extends AbstractAuthServletTask {
 
-  @Autowired IEhvdCommunication ehvdService;
-  
+  @Autowired
+  IEhvdCommunication ehvdService;
+
   /*
    * (non-Javadoc)
    *
@@ -66,17 +65,19 @@ public class InjectEhvdInformationTask extends AbstractAuthServletTask {
       HttpServletResponse response)
       throws TaskExecutionException {
     try {
-      final AuthenticationSessionWrapper session = pendingReq.getSessionData(AuthenticationSessionWrapper.class);
-      
+      final AuthenticationSessionWrapper session = pendingReq.getSessionData(
+          AuthenticationSessionWrapper.class);
+
       // validate internal state
       validateInternalState(session);
-            
+
       // requesting roles from EHVD
-      List<String> ehvdRoles = ehvdService.getRoles(session.getIdentityLink());
-            
-      // inject EHVD roles      
-      session.setGenericDataToSession(PVPConstants.ROLES_NAME, StringUtils.join(ehvdRoles, ";"));
-      
+      final List<String> ehvdRoles = ehvdService.getRoles(session.getIdentityLink());
+
+      // inject EHVD roles
+      session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME,
+          StringUtils.join(ehvdRoles, ";"));
+
       // store MOASession into database
       requestStoreage.storePendingRequest(pendingReq);
 
@@ -90,14 +91,13 @@ public class InjectEhvdInformationTask extends AbstractAuthServletTask {
   }
 
   private void validateInternalState(AuthenticationSessionWrapper session) throws AuthenticationException {
-    //check if identityLink is available
-    if (session.getIdentityLink() == null ) {
+    // check if identityLink is available
+    if (session.getIdentityLink() == null) {
       Logger.error("No IdentityLink in session. There is an internal error in process definition");
       throw new AuthenticationException("process.04", null);
-      
+
     }
-    
-    
+
   }
 
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
index 643893413..b4a752a2d 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/id_messages.properties
@@ -2,5 +2,6 @@ ehvd.00=F
 ehvd.01=Technischer Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
 ehvd.02=Fehler bei der Abfrage von GDA Informationen. Ursache: {0}
 ehvd.03=Antwort des EHVD Service beinhaltet keine GDA Informationen
+ehvd.04=Keine gültige EHVD Role gefunden 
 
 ehvd.99=Allgemeiner Fehler bei der Abfrage des EHVD Service
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
index 72048b8e3..5c98c199b 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -5,4 +5,5 @@ ehvd.00=7000
 ehvd.01=7001
 ehvd.02=7001
 ehvd.03=7001
+ehvd.04=7002
 ehvd.99=7099
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
index df02c6f4e..cabd8df19 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
@@ -1,6 +1,7 @@
 package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
 
 import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
 import static org.junit.Assert.assertNull;
 
@@ -27,6 +28,7 @@ import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder;
 import at.gv.egovernment.moa.id.data.AuthenticationRole;
+import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
 import at.gv.egovernment.moa.id.data.MOAAuthenticationData;
 
 @RunWith(SpringJUnit4ClassRunner.class)
@@ -99,6 +101,8 @@ public class PvpRoleAttributeBuilderTest {
     
     // validate state
     assertNotNull("wrong attr. value", attrValue);
+    assertFalse("List delimiter after last element" ,attrValue.endsWith(";"));
+    
     
     String[] el = attrValue.split(";");
     assertEquals("wrong role count", 4, el.length);
@@ -110,6 +114,28 @@ public class PvpRoleAttributeBuilderTest {
     
   }
   
+  @Test
+  public void brzProductionRole() throws AttributeBuilderException {            
+    
+    IAuthData authData = generateAuthData(Arrays.asList(
+        AuthenticationRoleFactory.buildFormPVPole("EPI-GDA()")));
+    
+    // perform test
+    String attrValue = toTest.build(oaParam, authData, g);
+    
+    // validate state
+    assertNotNull("wrong attr. value", attrValue);
+    assertFalse("List delimiter after last element" ,attrValue.endsWith(";"));
+    
+    
+    String[] el = attrValue.split(";");
+    assertEquals("wrong role count", 1, el.length);
+    assertEquals("wrong 1. role", "EPI-GDA()", el[0]);
+    
+    assertEquals("wrong role attr. value", "EPI-GDA()", attrValue);
+    
+  }
+  
   private IAuthData generateAuthData(List<AuthenticationRole> roles) {
     MOAAuthenticationData authData = new MOAAuthenticationData(null);
     if (roles != null) {
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
index 8620ef98b..adedd1d02 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
@@ -7,7 +7,6 @@ import static org.junit.Assert.fail;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.when;
 
-import java.net.SocketTimeoutException;
 import java.util.Arrays;
 import java.util.HashMap;
 import java.util.Iterator;
@@ -213,13 +212,61 @@ public class InjectEhvdIdentityInformationTaskTest {
     }    
   }
   
+
   @Test
-  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+  public void noValidGdaRole() throws TaskExecutionException, PendingReqIdValidationException {
     // set-up EHVD response
     String role1 = RandomStringUtils.randomAlphabetic(10);
     String role2 = RandomStringUtils.randomAlphabetic(10);
     when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2)));
 
+    try {
+      task.execute(pendingReq, context);
+      fail("wrong state not detected");
+
+    } catch (final TaskExecutionException e) {
+      Assert.isInstanceOf(AuthenticationException.class, e.getOriginalException(), "wrong execpetion");
+      assertEquals("wrong errorCode", "ehvd.04", ((EAAFException) e.getOriginalException()).getErrorId());
+
+    }    
+  }
+  
+  
+  @Test
+  public void validateStateWithRandomData() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = RandomStringUtils.randomAlphabetic(10);
+    String role2 = "1.2.40.0.34.5.2:101";
+    String role3 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    assertEquals("wrong role attr", 
+        "EPI-GDA()", 
+        moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+    
+  }
+  
+  @Test
+  public void validateState() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = "1.2.40.0.33.5.2.101";
+    String role2 = "1.2.40.0.34.5.2:100";
+    String role3 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
     task.execute(pendingReq, context);
 
     // validate state
@@ -234,11 +281,38 @@ public class InjectEhvdIdentityInformationTaskTest {
     assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
     assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
     assertEquals("wrong role attr", 
-        role1 + ";" + role2, 
+        "EPI-GDA()", 
         moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
     
   }
 
+  @Test
+  public void validateStateSecondOid() throws TaskExecutionException, PendingReqIdValidationException {
+    // set-up EHVD response
+    String role1 = "1.2.40.0.33.5.2.101";
+    String role2 = "1.2.40.0.34.5.2:158";
+    String role3 = RandomStringUtils.randomAlphabetic(10);
+    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+
+    task.execute(pendingReq, context);
+
+    // validate state
+    final IRequest storedReq = storage.getPendingRequest(pendingReq.getPendingRequestId());
+    assertNotNull("pendingReq not stored", storedReq);
+
+    final AuthenticationSessionWrapper moaSession = storedReq.getSessionData(
+        AuthenticationSessionWrapper.class);
+
+    assertFalse("foreign", moaSession.isForeigner());
+    assertFalse("mandate", moaSession.isMandateUsed());
+    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
+    assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
+    assertEquals("wrong role attr", 
+        "EPI-GDA()", 
+        moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+    
+  }
+  
   private GdaIndexResponse generateGdaResponse(boolean isActive, List<String> roles) {
     GdaIndexResponse resp = new GdaIndexResponse();
     GdaDescriptor gda = new GdaDescriptor();        
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
index 43e900f4b..263192c07 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -6,3 +6,6 @@ modules.ehvd.sp.4=435344534egewgegf
 
 modules.ehvd.service.url=http://localhost:1234/ehvd
 #modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
+
+modules.ehvd.role.pvp=EPI-GDA()
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
\ No newline at end of file
-- 
cgit v1.2.3


From 37a34d1422fbde8813b4a6027b33e0549d753637 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 8 Sep 2021 13:46:32 +0200
Subject: switch EHVD module to RC1 version

---
 id/server/auth-edu/pom.xml   | 2 +-
 id/server/auth-final/pom.xml | 5 +++++
 2 files changed, 6 insertions(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 6a8110a28..7d9f0ed44 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -228,7 +228,7 @@
 		 	<artifactId>moa-id-module-EID_connector</artifactId>
 		</dependency>
 
-    <dependency>
+    	<dependency>
 			<groupId>MOA.id.server.modules</groupId>
     	<artifactId>moa-id-module-ehvd_integration</artifactId>
     </dependency>    
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 50075abfe..1f5582339 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -170,6 +170,11 @@
           <groupId>MOA.id.server.modules</groupId>
           <artifactId>moa-id-module-EID_connector</artifactId>
         </dependency>
+        
+        <dependency>
+          <groupId>MOA.id.server.modules</groupId>
+     	  <artifactId>moa-id-module-ehvd_integration</artifactId>
+        </dependency>
 
 				
         <!-- transitive dependencies we don't want to include into the war -->
-- 
cgit v1.2.3


From e0f2c884de659fb1bd3670bdc1ac04edf2382552 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Sep 2021 12:11:11 +0200
Subject: add jUnit test to check generic data-transfer in
 AuthenticationDataBuilder

---
 .../auth/data/AuthenticationDataBuilderTest.java   | 34 +++++++++++++++++++++-
 1 file changed, 33 insertions(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
index 645cb601f..a3a717072 100644
--- a/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
+++ b/id/server/idserverlib/src/test/java/at/gv/egovernment/moa/id/config/auth/data/AuthenticationDataBuilderTest.java
@@ -1,9 +1,12 @@
 package at.gv.egovernment.moa.id.config.auth.data;
 
+import static org.junit.Assert.assertEquals;
+
 import java.io.ByteArrayInputStream;
 import java.util.Arrays;
 import java.util.List;
 
+import org.apache.commons.lang3.RandomStringUtils;
 import org.junit.Test;
 import org.junit.runner.RunWith;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -13,6 +16,8 @@ import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
 import at.gv.egiz.eaaf.core.impl.data.Pair;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egovernment.moa.id.auth.builder.AuthenticationDataBuilder;
+import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
+
 import at.gv.egovernment.moa.id.auth.parser.IdentityLinkAssertionParser;
 import at.gv.egovernment.moa.id.commons.api.data.IAuthenticationSession;
 import at.gv.egovernment.moa.id.data.IMOAAuthData;
@@ -153,6 +158,33 @@ public class AuthenticationDataBuilderTest {
 		
 	}  
 	  
+	@Test
+	public void genericDataTransfer() throws Exception {	  
+	   TestRequestImpl pendingReq = new TestRequestImpl();
+	   DummyOAConfig oaParam = new DummyOAConfig();
+	   oaParam.setHasBaseIdTransferRestriction(false);
+	   oaParam.setTarget("urn:publicid:gv.at:cdid+ZP-MH");
+	   oaParam.setForeignbPKSectors(Arrays.asList("wbpk+FN+195738a"));
+	   pendingReq.setSpConfig(oaParam);
+	  
+	   final AuthenticationSessionWrapper session = pendingReq.getSessionData(
+         AuthenticationSessionWrapper.class);
+	   session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL_1, false))).parseIdentityLink());
+	   
+	   // set random data to transfer
+	   String key = RandomStringUtils.randomAlphabetic(5);
+	   String value = RandomStringUtils.randomAlphabetic(5);
+     session.setGenericDataToSession(key, value);
+	   
+     
+     // execute test
+     IMOAAuthData authData = (IMOAAuthData) authBuilder.buildAuthenticationData(pendingReq);
+     
+	   
+     assertEquals("generic data-transfer failed", value, authData.getGenericData(key, String.class));
+     
+	}
+	
 	  
 	@Test
 	public void buildAuthDataWithIDLOnly_1() throws Exception {
@@ -166,7 +198,7 @@ public class AuthenticationDataBuilderTest {
 		IAuthenticationSession session = new DummyAuthSession();
 		session.setIdentityLink(new IdentityLinkAssertionParser(new ByteArrayInputStream(Base64Utils.decode(DUMMY_IDL_1, false))).parseIdentityLink());
 		pendingReq.setRawDataToTransaction(session.getKeyValueRepresentationFromAuthSession());
-		
+				
 		
 		IMOAAuthData authData = (IMOAAuthData) authBuilder.buildAuthenticationData(pendingReq);
 		
-- 
cgit v1.2.3


From 664c9bcffc537dc206140f03ca0a7c9b81b396cd Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Sep 2021 12:37:14 +0200
Subject: update EHVD communication-task to implement new requirements from BRZ

---
 .../auth/modules/ehvd/ConfigurationProperties.java | 12 +++++++
 .../ehvd/service/EhvdCommunicationService.java     | 32 +++++++++++++++--
 .../modules/ehvd/service/IEhvdCommunication.java   |  7 ++--
 .../ehvd/task/InjectEhvdInformationTask.java       | 10 ++++--
 .../InjectEhvdIdentityInformationTaskTest.java     | 42 +++++++++++++++++++---
 5 files changed, 90 insertions(+), 13 deletions(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
index 035e59387..d1f7c47b2 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -42,6 +42,18 @@ public class ConfigurationProperties {
 
   public static final String DEFAULT_EHVD_SERVICE_TARGET = EAAFConstants.URN_PREFIX_CDID + "GH";
 
+  
+  //TODO: define custom EHVD SAML2 attributes
+  public static final String ATTRIBUTE_URN_EHVD_PREFIX = "urn:brzgvat:attributes.ehvd.";
+  public static final String ATTRIBUTE_URN_EHVD_TITLE = ATTRIBUTE_URN_EHVD_PREFIX + "title";
+  public static final String ATTRIBUTE_URN_EHVD_FIRSTNAME = ATTRIBUTE_URN_EHVD_PREFIX + "firstname";
+  public static final String ATTRIBUTE_URN_EHVD_SURNAME = ATTRIBUTE_URN_EHVD_PREFIX + "surname";
+  public static final String ATTRIBUTE_URN_EHVD_ZIPCODE = ATTRIBUTE_URN_EHVD_PREFIX + "zip";
+  public static final String ATTRIBUTE_URN_EHVD_STATE = ATTRIBUTE_URN_EHVD_PREFIX + "state";
+  public static final String ATTRIBUTE_URN_EHVD_ID = ATTRIBUTE_URN_EHVD_PREFIX + "id";
+  public static final String ATTRIBUTE_URN_EHVD_OTHERID = ATTRIBUTE_URN_EHVD_PREFIX + "otherid";
+  
+  
   private ConfigurationProperties() {
     // hide constructor or static class
   }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index 900adaff7..cf58fe718 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -83,7 +83,7 @@ public class EhvdCommunicationService implements IEhvdCommunication {
    */
   @Override
   @Nonnull
-  public List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException,
+  public EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException,
       EAAFBuilderException {
 
     // get bPK for EHVD request
@@ -96,7 +96,7 @@ public class EhvdCommunicationService implements IEhvdCommunication {
     final GdaIndexResponse gdaResp = requestingGda(ehvdBpk.getFirst());
 
     // parse roles from response
-    return parseGdaResponse(gdaResp);
+    return EhvdResponseHolder.getInstance(gdaResp.getGda(), parseGdaResponse(gdaResp));
 
   }
 
@@ -287,7 +287,33 @@ public class EhvdCommunicationService implements IEhvdCommunication {
       http.getClient().setProxyServerPort(Integer.valueOf(socksPort));
 
     }
-
   }
 
+  public static class EhvdResponseHolder {
+    final List<String> roles;
+    final GdaDescriptor fullGdaResponse;
+    
+    
+    public static EhvdResponseHolder getInstance(GdaDescriptor gdaInfo, List<String> processedRoles) {
+      return new EhvdResponseHolder(gdaInfo, processedRoles);
+      
+    }
+    
+    private EhvdResponseHolder(GdaDescriptor gdaInfo, List<String> processedRoles) {
+      this.roles = processedRoles;
+      this.fullGdaResponse = gdaInfo;
+      
+    }
+
+    public List<String> getRoles() {
+      return roles;
+    }
+
+    public GdaDescriptor getFullGdaResponse() {
+      return fullGdaResponse;
+    }
+    
+    
+    
+  }
 }
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
index 2d9291ed7..6b7c7e2f5 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/IEhvdCommunication.java
@@ -1,10 +1,9 @@
 package at.gv.egovernment.moa.id.auth.modules.ehvd.service;
 
-import java.util.List;
-
 import at.gv.egiz.eaaf.core.api.idp.auth.data.IIdentityLink;
 import at.gv.egiz.eaaf.core.exceptions.EAAFBuilderException;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder;
 
 public interface IEhvdCommunication {
 
@@ -12,10 +11,10 @@ public interface IEhvdCommunication {
    * Get user's GDA roles from EHVD Service.
    *
    * @param identityLink IdentityLink of the user
-   * @return {@link List} of Roles that are received from EHVD
+   * @return {@link EhvdResponseHolder} that contains the Roles received from EHVD and the full GDA response
    * @throws AuthenticationException In case of an EHVD communication error
    * @throws EAAFBuilderException    In case of a bPK generation error
    */
-  List<String> getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
+  EhvdResponseHolder getRoles(IIdentityLink identityLink) throws AuthenticationException, EAAFBuilderException;
 
 }
\ No newline at end of file
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
index 8f22c6ffc..ee5dbb2fd 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/task/InjectEhvdInformationTask.java
@@ -37,6 +37,8 @@ import at.gv.egiz.eaaf.core.exceptions.TaskExecutionException;
 import at.gv.egiz.eaaf.core.impl.idp.auth.modules.AbstractAuthServletTask;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.service.EhvdCommunicationService.EhvdResponseHolder;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.service.IEhvdCommunication;
 import at.gv.egovernment.moa.id.commons.api.exceptions.MOAIDException;
 import at.gv.egovernment.moa.logging.Logger;
@@ -72,12 +74,16 @@ public class InjectEhvdInformationTask extends AbstractAuthServletTask {
       validateInternalState(session);
 
       // requesting roles from EHVD
-      final List<String> ehvdRoles = ehvdService.getRoles(session.getIdentityLink());
+      final EhvdResponseHolder ehvdResponse = ehvdService.getRoles(session.getIdentityLink());
 
       // inject EHVD roles
       session.setGenericDataToSession(PVPAttributeDefinitions.ROLES_NAME,
-          StringUtils.join(ehvdRoles, ";"));
+          StringUtils.join(ehvdResponse.getRoles(), ";"));
 
+      // inject full EHVD response
+      session.setGenericDataToSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, 
+          ehvdResponse.getFullGdaResponse());
+      
       // store MOASession into database
       requestStoreage.storePendingRequest(pendingReq);
 
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
index adedd1d02..818a2c34b 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/tasks/InjectEhvdIdentityInformationTaskTest.java
@@ -1,8 +1,10 @@
 package at.gv.egovernment.moa.id.auth.modules.ehvd.test.tasks;
 
+import static org.hamcrest.CoreMatchers.instanceOf;
 import static org.junit.Assert.assertEquals;
 import static org.junit.Assert.assertFalse;
 import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertTrue;
 import static org.junit.Assert.fail;
 import static org.mockito.ArgumentMatchers.any;
 import static org.mockito.Mockito.when;
@@ -61,11 +63,14 @@ import at.gv.egiz.eaaf.core.impl.idp.module.test.TestRequestImpl;
 import at.gv.egiz.eaaf.core.impl.idp.process.ExecutionContextImpl;
 import at.gv.egovernment.moa.id.auth.data.AuthenticationSessionWrapper;
 import at.gv.egovernment.moa.id.auth.exception.AuthenticationException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.EHVD;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDARoles;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GDAStatus;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaIndexResponse;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.task.InjectEhvdInformationTask;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.DummyAuthConfigMap;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.test.dummy.TestUtils;
@@ -251,7 +256,7 @@ public class InjectEhvdIdentityInformationTaskTest {
 
     assertFalse("foreign", moaSession.isForeigner());
     assertFalse("mandate", moaSession.isMandateUsed());
-    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
+    assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());    
     assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
     assertEquals("wrong role attr", 
         "EPI-GDA()", 
@@ -278,7 +283,7 @@ public class InjectEhvdIdentityInformationTaskTest {
 
     assertFalse("foreign", moaSession.isForeigner());
     assertFalse("mandate", moaSession.isMandateUsed());
-    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
+    assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());    
     assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
     assertEquals("wrong role attr", 
         "EPI-GDA()", 
@@ -292,7 +297,8 @@ public class InjectEhvdIdentityInformationTaskTest {
     String role1 = "1.2.40.0.33.5.2.101";
     String role2 = "1.2.40.0.34.5.2:158";
     String role3 = RandomStringUtils.randomAlphabetic(10);
-    when(ehvdService.getGDA(any())).thenReturn(generateGdaResponse(true, Arrays.asList(role1, role2, role3)));
+    GdaIndexResponse gdaResponse = generateGdaResponse(true, Arrays.asList(role1, role2, role3));
+    when(ehvdService.getGDA(any())).thenReturn(gdaResponse);
 
     task.execute(pendingReq, context);
 
@@ -305,11 +311,17 @@ public class InjectEhvdIdentityInformationTaskTest {
 
     assertFalse("foreign", moaSession.isForeigner());
     assertFalse("mandate", moaSession.isMandateUsed());
-    assertEquals("missing attributes", 1, moaSession.getGenericSessionDataStorage().size());    
+    assertEquals("missing attributes", 2, moaSession.getGenericSessionDataStorage().size());    
     assertNotNull("no Role attr", moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME));
     assertEquals("wrong role attr", 
         "EPI-GDA()", 
         moaSession.getGenericDataFromSession(PVPConstants.ROLES_NAME, String.class));
+        
+    assertNotNull("no full GDA response", 
+        moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX));
+    assertTrue("wrong GDA response type",
+        moaSession.getGenericDataFromSession(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX) instanceof GdaDescriptor);
+    
     
   }
   
@@ -322,6 +334,20 @@ public class InjectEhvdIdentityInformationTaskTest {
     gda.setStatus(status);
     status.setEhvdstatus(isActive ? "Aktiv" : "Inaktiv");
     
+    gda.setFirstname(RandomStringUtils.randomAlphabetic(5));
+    gda.setSurname(RandomStringUtils.randomAlphabetic(5));
+    gda.setTitle(RandomStringUtils.randomAlphabetic(5));
+    
+    InstanceIdentifier id = new InstanceIdentifier();
+    id.setId(RandomStringUtils.randomAlphabetic(5));
+    gda.setId(id);
+    
+    gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5));
+    gda.getOtherID().add(RandomStringUtils.randomAlphabetic(5));
+    
+    gda.getAddress().add(generateAddress());
+    gda.getAddress().add(generateAddress());
+    
     GDARoles gdaRoles = new GDARoles();
     gda.setRoles(gdaRoles);
     gdaRoles.getRole().addAll(roles);
@@ -329,6 +355,14 @@ public class InjectEhvdIdentityInformationTaskTest {
     return resp;
   }
   
+  private GdaAddress generateAddress() {        
+    GdaAddress address = new GdaAddress();    
+    address.setZip(RandomStringUtils.randomNumeric(4));
+    address.setState(RandomStringUtils.randomAlphabetic(10));    
+    return address;
+    
+  }
+
   private SOAPFault generateSoaFault(String msg) {
     return new SOAPFault() {
       
-- 
cgit v1.2.3


From 90eac625e68bdb9aaf1397b04f242fb94381bd4c Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Thu, 16 Sep 2021 09:48:24 +0200
Subject: add new attribute builder for EHVD specific attributes

---
 .../auth/modules/ehvd/ConfigurationProperties.java |   1 +
 .../attributes/AbstractEhvdAttributeBuilder.java   |  51 ++++++++++
 .../EhvdAddressStateAttributeBuilder.java          |  28 ++++++
 .../EhvdAddressZipcodeAttributeBuilder.java        |  28 ++++++
 .../attributes/EhvdFirstnameAttributeBuilder.java  |  22 +++++
 .../ehvd/attributes/EhvdIdAttributeBuilder.java    |  22 +++++
 .../attributes/EhvdOtherIdAttributeBuilder.java    |  54 +++++++++++
 .../attributes/EhvdSurnameAttributeBuilder.java    |  22 +++++
 .../ehvd/attributes/EhvdTitelAttributeBuilder.java |  22 +++++
 .../at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder |   4 +
 .../AbstractEhvdAttributeBuilderTest.java          |  97 +++++++++++++++++++
 .../EhvdAddressStateAttributeBuilderTest.java      | 106 ++++++++++++++++++++
 .../EhvdAddressZipAttributeBuilderTest.java        | 107 +++++++++++++++++++++
 .../EhvdFirstnameAttributeBuilderTest.java         |  47 +++++++++
 .../attributes/EhvdIdAttributeBuilderTest.java     |  64 ++++++++++++
 .../EhvdOtherIdAttributeBuilderTest.java           |  86 +++++++++++++++++
 .../EhvdSurnameAttributeBuilderTest.java           |  48 +++++++++
 .../attributes/EhvdTitelAttributeBuilderTest.java  |  46 +++++++++
 .../attributes/PvpRoleAttributeBuilderTest.java    |   9 ++
 .../src/test/resources/config/config1.properties   |   2 +-
 .../resources/config/config_qs_service.properties  |   3 +
 21 files changed, 868 insertions(+), 1 deletion(-)
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
 create mode 100644 id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
index d1f7c47b2..6cb9c08e3 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/ConfigurationProperties.java
@@ -35,6 +35,7 @@ public class ConfigurationProperties {
   public static final String PROP_MODULE_SERVICE_TARGET = MODULE_PREFIX + "service.bpk.target";
   public static final String PROP_MODULE_SERVICE_ENDPOINT = MODULE_PREFIX + "service.url";
   public static final String PROP_MODULE_EHVD_ROLE_REGEX = MODULE_PREFIX + "service.role.regex";
+  public static final String PROP_MODULE_EHVD_OTHERID_PREFIX = MODULE_PREFIX + "service.otherid.prefix";
 
   public static final String PROP_MODULE_PVP_ROLE = MODULE_PREFIX + "role.pvp";
 
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
new file mode 100644
index 000000000..af413ffc3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/AbstractEhvdAttributeBuilder.java
@@ -0,0 +1,51 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import org.apache.commons.lang3.StringUtils;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IPVPAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.ISPConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.logging.Logger;
+
+public abstract class AbstractEhvdAttributeBuilder implements IPVPAttributeBuilder {
+
+  @Override
+  public <ATT> ATT build(ISPConfiguration spConfig, IAuthData authData, IAttributeGenerator<ATT> g)
+      throws AttributeBuilderException {
+    try {
+      GdaDescriptor fullGdaInfo = 
+          authData.getGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, GdaDescriptor.class);
+    
+      if (fullGdaInfo != null) {
+        String attrValue = generateAttributeValue(fullGdaInfo);
+        Logger.debug(StringUtils.isEmpty(attrValue) ? "Skip" : "Build" 
+            + "attribute: " + getName());      
+        return g.buildStringAttribute(getName(), getName(), 
+            StringUtils.isNotEmpty(attrValue) ? attrValue : null);
+      
+      } else {
+        Logger.trace("Skipping attr: " + getName() + " because no GDA info available");
+        return null;
+        
+      }
+      
+    } catch (ClassCastException e) {
+      Logger.trace("Skipping attr: " + getName() + " because no GDA info available");
+      return null;
+      
+    }
+  }
+
+  @Override
+  public <ATT> ATT buildEmpty(IAttributeGenerator<ATT> g) {
+    return g.buildEmptyAttribute(getName(), getName());
+    
+  }
+  
+  protected abstract String generateAttributeValue(GdaDescriptor fullGdaInfo);
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
new file mode 100644
index 000000000..7056c3099
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressStateAttributeBuilder.java
@@ -0,0 +1,28 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import java.util.stream.Collectors;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//
+//@PVPMETADATA
+//public class EhvdAddressStateAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+//  private static final String ATTR_VALUE_DELIMITER = "|";
+//  
+//  @Override
+//  public String getName() {
+//    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_STATE;
+//    
+//  }
+//
+//  @Override
+//  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+//    return fullGdaInfo.getAddress().stream()
+//        .map(el -> el.getState() != null ? el.getState() : "")       
+//        .collect(Collectors.joining(ATTR_VALUE_DELIMITER));
+//    
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
new file mode 100644
index 000000000..98a0567f2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdAddressZipcodeAttributeBuilder.java
@@ -0,0 +1,28 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import java.util.stream.Collectors;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//
+//@PVPMETADATA
+//public class EhvdAddressZipcodeAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+//  private static final String ATTR_VALUE_DELIMITER = "|";
+//  
+//  @Override
+//  public String getName() {
+//    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ZIPCODE;
+//    
+//  }
+//
+//  @Override
+//  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+//    return fullGdaInfo.getAddress().stream()
+//        .map(el -> el.getZip() != null ? el.getZip() : "")
+//        .collect(Collectors.joining(ATTR_VALUE_DELIMITER));
+//    
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
new file mode 100644
index 000000000..1bb923cf4
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdFirstnameAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdFirstnameAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_FIRSTNAME;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+    return fullGdaInfo.getFirstname();
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
new file mode 100644
index 000000000..918b02c2e
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdIdAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdIdAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_ID;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {    
+    return fullGdaInfo.getId() != null ? fullGdaInfo.getId().getId() : null;
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
new file mode 100644
index 000000000..2d0e20c9c
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdOtherIdAttributeBuilder.java
@@ -0,0 +1,54 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+//
+//import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.commons.api.AuthConfiguration;
+//import at.gv.egovernment.moa.id.commons.api.exceptions.ConfigurationException;
+//import at.gv.egovernment.moa.id.config.auth.AuthConfigurationProviderFactory;
+//import at.gv.egovernment.moa.logging.Logger;
+//
+//@PVPMETADATA
+//public class EhvdOtherIdAttributeBuilder extends AbstractEhvdAttributeBuilder {
+//
+//  private static final String DEFAULT_ID_PREFIX = "1.2.40.0.34.4.18:";
+//
+//  private String idPrefix;
+//  
+//  public EhvdOtherIdAttributeBuilder() {   
+//    try {
+//      AuthConfiguration config = AuthConfigurationProviderFactory.getInstance();
+//      if (config != null) {
+//        idPrefix = config.getBasicConfiguration(
+//            ConfigurationProperties.PROP_MODULE_EHVD_OTHERID_PREFIX, DEFAULT_ID_PREFIX);
+//        
+//      } else {
+//        idPrefix = DEFAULT_ID_PREFIX;
+//        
+//      }
+//    } catch (ConfigurationException e) {
+//      idPrefix = DEFAULT_ID_PREFIX;
+//      
+//    }
+//        
+//    Logger.info("  Set-up " + getName() + " with otherId prefix: " + idPrefix);
+//    
+//  }
+//  
+//  @Override
+//  public String getName() {
+//    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_OTHERID;
+//
+//  }
+//
+//  @Override
+//  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {    
+//    return fullGdaInfo.getOtherID().stream()
+//        .filter(el -> el.startsWith(idPrefix))
+//        .findFirst()
+//        .map(el -> el.substring(idPrefix.length()))
+//        .orElse(null);
+//    
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
new file mode 100644
index 000000000..db8de397b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdSurnameAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdSurnameAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_SURNAME;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+    return fullGdaInfo.getSurname();
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
new file mode 100644
index 000000000..c978d4dd2
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/attributes/EhvdTitelAttributeBuilder.java
@@ -0,0 +1,22 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.attributes;
+
+import at.gv.egiz.eaaf.core.impl.idp.builder.attributes.PVPMETADATA;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@PVPMETADATA
+public class EhvdTitelAttributeBuilder extends AbstractEhvdAttributeBuilder {
+
+  @Override
+  public String getName() {
+    return ConfigurationProperties.ATTRIBUTE_URN_EHVD_TITLE;
+    
+  }
+
+  @Override
+  protected String generateAttributeValue(GdaDescriptor fullGdaInfo) {
+    return fullGdaInfo.getTitle();
+    
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
index 4dd043048..44f8d26cf 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/META-INF/services/at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder
@@ -1 +1,5 @@
 at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder
+at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
new file mode 100644
index 000000000..b1ac7d99a
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/AbstractEhvdAttributeBuilderTest.java
@@ -0,0 +1,97 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNotNull;
+import static org.junit.Assert.assertNull;
+
+import java.util.Collections;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Before;
+import org.junit.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.api.idp.IAttributeGenerator;
+import at.gv.egiz.eaaf.core.api.idp.IAuthData;
+import at.gv.egiz.eaaf.core.api.idp.IConfiguration;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
+import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
+import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+public abstract class AbstractEhvdAttributeBuilderTest {
+
+  @Autowired
+  protected IConfiguration basicConfig;
+  
+  protected DummySPConfiguration oaParam;
+  protected AuthenticationData authData;  
+  protected IAttributeGenerator<String> g = new SimpleStringAttributeGenerator();  
+  
+  protected abstract String expectedAttrName();  
+  protected abstract IAttributeBuilder getAttributeBuilderUnderTest();
+  
+  protected GdaAddress generateAddress(String zip, String state) {
+    GdaAddress addr = new GdaAddress();
+    addr.setZip(zip);
+    addr.setState(state);    
+    return addr;
+    
+  }
+  
+  @Before
+  public void initialize() {
+    oaParam = new DummySPConfiguration(Collections.emptyMap(), basicConfig);    
+    authData = new AuthenticationData();
+    
+  }
+  
+  @Test
+  public void checkAttributeRegistration() {
+    assertNotNull("Attribute: " + expectedAttrName() + " not registrated", 
+        PVPAttributeBuilder.getAttributeBuilder(expectedAttrName()));
+    
+  }
+  
+  @Test
+  public void checkName() {    
+    assertEquals("wrong attr. name", expectedAttrName(), getAttributeBuilderUnderTest().getName());
+    
+  }
+  
+  @Test
+  public void checkEmptyAttribute() {    
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().buildEmpty(g));
+    
+  }
+  
+  @Test
+  public void noGdaInfos() throws AttributeBuilderException {
+    IAuthData authData = new AuthenticationData();
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void wrongGdaInfos() throws AttributeBuilderException, EAAFStorageException {
+    AuthenticationData authData = new AuthenticationData();
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, RandomStringUtils.randomAlphabetic(10));
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+    
+  }
+  
+  @Test
+  public void emptyGdaInfos() throws AttributeBuilderException, EAAFStorageException {
+    AuthenticationData authData = new AuthenticationData();
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, new GdaDescriptor());
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+    
+  }
+  
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
new file mode 100644
index 000000000..d342d331b
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressStateAttributeBuilderTest.java
@@ -0,0 +1,106 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressStateAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+//    "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdAddressStateAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+//  @Override
+//  protected String expectedAttrName() {
+//    return "urn:brzgvat:attributes.ehvd.state";
+//
+//  }
+//
+//  @Override
+//  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+//    return new EhvdAddressStateAttributeBuilder();
+//
+//  }
+//
+//  @Test
+//  public void checkMissing() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();            
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void singleAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String state = RandomStringUtils.randomAlphabetic(5);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(5), state));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", state, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String state1 = RandomStringUtils.randomAlphabetic(4);
+//    String state2 = RandomStringUtils.randomAlphabetic(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", state1 + "|" + state2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException {
+//    String state1 = null;
+//    String state2 = RandomStringUtils.randomAlphabetic(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", "|" + state2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException {
+//    String state1 = RandomStringUtils.randomAlphabetic(4);
+//    String state2 = null;
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state1));
+//    gdaInfo.getAddress().add(generateAddress(RandomStringUtils.randomNumeric(4), state2));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", state1 + "|", 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
new file mode 100644
index 000000000..69d17f8c3
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdAddressZipAttributeBuilderTest.java
@@ -0,0 +1,107 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdAddressZipcodeAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaAddress;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+//    "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdAddressZipAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+//  @Override
+//  protected String expectedAttrName() {
+//    return "urn:brzgvat:attributes.ehvd.zip";
+//
+//  }
+//
+//  @Override
+//  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+//    return new EhvdAddressZipcodeAttributeBuilder();
+//
+//  }
+//
+//  @Test
+//  public void checkMissing() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();            
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void singleAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String zip = RandomStringUtils.randomNumeric(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(
+//        zip,
+//        RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", zip, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddress() throws EAAFStorageException, AttributeBuilderException {
+//    String zip1 = RandomStringUtils.randomNumeric(4);
+//    String zip2 = RandomStringUtils.randomNumeric(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+//    gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", zip1 + "|" + zip2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullBefore() throws EAAFStorageException, AttributeBuilderException {
+//    String zip1 = null;
+//    String zip2 = RandomStringUtils.randomNumeric(4);
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+//    gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", "|" + zip2, 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void multiAddressNullAfter() throws EAAFStorageException, AttributeBuilderException {
+//    String zip1 = RandomStringUtils.randomNumeric(4);
+//    String zip2 = null;
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getAddress().add(generateAddress(zip1, RandomStringUtils.randomAlphabetic(5)));
+//    gdaInfo.getAddress().add(generateAddress(zip2, RandomStringUtils.randomAlphabetic(5)));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", zip1 + "|", 
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
new file mode 100644
index 000000000..66f1b5028
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdFirstnameAttributeBuilderTest.java
@@ -0,0 +1,47 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdFirstnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.firstname";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdFirstnameAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    gdaInfo.setFirstname(RandomStringUtils.randomAlphabetic(5));
+
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", gdaInfo.getFirstname(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
new file mode 100644
index 000000000..db73f9191
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdIdAttributeBuilderTest.java
@@ -0,0 +1,64 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+import static org.junit.Assert.assertNull;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdIdAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.id";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdIdAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkMissingId() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    InstanceIdentifier id = new InstanceIdentifier();
+    gdaInfo.setId(id );
+        
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+  
+  @Test
+  public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    InstanceIdentifier id = new InstanceIdentifier();
+    id.setId(RandomStringUtils.randomAlphabetic(5));
+    gdaInfo.setId(id );
+        
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", id.getId(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
new file mode 100644
index 000000000..bce8924d9
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdOtherIdAttributeBuilderTest.java
@@ -0,0 +1,86 @@
+//package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+//
+//import static org.junit.Assert.assertEquals;
+//import static org.junit.Assert.assertNull;
+//
+//import org.apache.commons.lang3.RandomStringUtils;
+//import org.junit.Test;
+//import org.junit.runner.RunWith;
+//import org.springframework.test.context.ContextConfiguration;
+//import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+//
+//import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+//import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+//import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdOtherIdAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+//import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.InstanceIdentifier;
+//
+//@RunWith(SpringJUnit4ClassRunner.class)
+//@ContextConfiguration({
+//    "/test_ehvd_service_auth.beans.xml" })
+//public class EhvdOtherIdAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+//
+//  @Override
+//  protected String expectedAttrName() {
+//    return "urn:brzgvat:attributes.ehvd.otherid";
+//
+//  }
+//
+//  @Override
+//  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+//    return new EhvdOtherIdAttributeBuilder();
+//
+//  }
+//
+//  @Test
+//  public void checkMissingId() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();            
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void checkWrongId() throws EAAFStorageException, AttributeBuilderException {
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertNull("wrong empty attr.", getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void checkValidRandom() throws EAAFStorageException, AttributeBuilderException {   
+//    String value = RandomStringUtils.randomAlphabetic(5);    
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//    gdaInfo.getOtherID().add("1.2.40.0.34.4.18:" + value);
+//
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", value,
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//  
+//  @Test
+//  public void checkValidBrzReal() throws EAAFStorageException, AttributeBuilderException {       
+//    final GdaDescriptor gdaInfo = new GdaDescriptor();
+//    gdaInfo.getOtherID().add(RandomStringUtils.randomAlphabetic(10));
+//    gdaInfo.getOtherID().add("1.2.40.0.34.4.18:1234-12");
+//    gdaInfo.getOtherID().add("1.2.40.0.34.4.17:aabbccdd");
+//
+//        
+//    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+//    assertEquals("wrong empty attr.", "1234-12",
+//        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+//
+//  }
+//
+//}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
new file mode 100644
index 000000000..af9e60cb7
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdSurnameAttributeBuilderTest.java
@@ -0,0 +1,48 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdFirstnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdSurnameAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdSurnameAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.surname";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdSurnameAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    gdaInfo.setSurname(RandomStringUtils.randomAlphabetic(5));
+
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", gdaInfo.getSurname(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java
new file mode 100644
index 000000000..2863c3508
--- /dev/null
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/EhvdTitelAttributeBuilderTest.java
@@ -0,0 +1,46 @@
+package at.gv.egovernment.moa.id.auth.modules.ehvd.test.attributes;
+
+import static org.junit.Assert.assertEquals;
+
+import org.apache.commons.lang3.RandomStringUtils;
+import org.junit.Test;
+import org.junit.runner.RunWith;
+import org.springframework.test.context.ContextConfiguration;
+import org.springframework.test.context.junit4.SpringJUnit4ClassRunner;
+
+import at.gv.egiz.eaaf.core.api.idp.IAttributeBuilder;
+import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
+import at.gv.egiz.eaaf.core.exceptions.EAAFStorageException;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.ConfigurationProperties;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.EhvdTitelAttributeBuilder;
+import at.gv.egovernment.moa.id.auth.modules.ehvd.client.wsdl.GdaDescriptor;
+
+@RunWith(SpringJUnit4ClassRunner.class)
+@ContextConfiguration({
+    "/test_ehvd_service_auth.beans.xml" })
+public class EhvdTitelAttributeBuilderTest extends AbstractEhvdAttributeBuilderTest {
+
+  @Override
+  protected String expectedAttrName() {
+    return "urn:brzgvat:attributes.ehvd.title";
+
+  }
+
+  @Override
+  protected IAttributeBuilder getAttributeBuilderUnderTest() {
+    return new EhvdTitelAttributeBuilder();
+
+  }
+
+  @Test
+  public void checkTitelValid() throws EAAFStorageException, AttributeBuilderException {
+    final GdaDescriptor gdaInfo = new GdaDescriptor();
+    gdaInfo.setTitle(RandomStringUtils.randomAlphabetic(5));
+
+    authData.setGenericData(ConfigurationProperties.ATTRIBUTE_URN_EHVD_PREFIX, gdaInfo);
+    assertEquals("wrong empty attr.", gdaInfo.getTitle(),
+        getAttributeBuilderUnderTest().build(oaParam, authData, g));
+
+  }
+
+}
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
index cabd8df19..624abff5f 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/java/at/gv/egovernment/moa/id/auth/modules/ehvd/test/attributes/PvpRoleAttributeBuilderTest.java
@@ -26,6 +26,7 @@ import at.gv.egiz.eaaf.core.exceptions.AttributeBuilderException;
 import at.gv.egiz.eaaf.core.impl.idp.AuthenticationData;
 import at.gv.egiz.eaaf.core.impl.idp.builder.SimpleStringAttributeGenerator;
 import at.gv.egiz.eaaf.core.impl.idp.module.test.DummySPConfiguration;
+import at.gv.egiz.eaaf.modules.pvp2.impl.builder.PVPAttributeBuilder;
 import at.gv.egovernment.moa.id.auth.modules.ehvd.attributes.PvpRoleAttributeBuilder;
 import at.gv.egovernment.moa.id.data.AuthenticationRole;
 import at.gv.egovernment.moa.id.data.AuthenticationRoleFactory;
@@ -50,6 +51,13 @@ public class PvpRoleAttributeBuilderTest {
     
   }
   
+  @Test
+  public void checkAttributeRegistration() {
+    assertNotNull("Attribute: urn:oid:1.2.40.0.10.2.1.1.261.30 not registrated", 
+        PVPAttributeBuilder.getAttributeBuilder("urn:oid:1.2.40.0.10.2.1.1.261.30"));
+    
+  }
+  
   @Test
   public void checkName() {    
     assertEquals("wrong attr. name", "urn:oid:1.2.40.0.10.2.1.1.261.30", toTest.getName());
@@ -69,6 +77,7 @@ public class PvpRoleAttributeBuilderTest {
     
   }
   
+  @Test
   public void noRoles() throws AttributeBuilderException {            
     IAuthData authData = generateAuthData(null);       
     assertNull("wrong attr. value", toTest.build(oaParam, authData, g));
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
index 263192c07..580af5559 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config1.properties
@@ -8,4 +8,4 @@ modules.ehvd.service.url=http://localhost:1234/ehvd
 #modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
 
 modules.ehvd.role.pvp=EPI-GDA()
-modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
\ No newline at end of file
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
index 2f6c45365..dc8fe54d5 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/test/resources/config/config_qs_service.properties
@@ -7,3 +7,6 @@ modules.ehvd.sp.4=435344534egewgegf
 modules.ehvd.service.url=https://ehvdwsqs.gesundheit.gv.at
 #modules.ehvd.service.bpk.target=
 modules.ehvd.proxy.socks.port=12345
+modules.ehvd.role.pvp=EPI-GDA()
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
+#modules.ehvd.service.otherid.prefix=1.2.40.0.34.4.18:
\ No newline at end of file
-- 
cgit v1.2.3


From 876a6ffa92febc318c1708b752d9cb8d32d90138 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 28 Sep 2021 19:07:28 +0200
Subject: add new external errorCode to distiguish between no and empty
 response

---
 .../resources/properties/protocol_response_statuscodes.properties       | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
index 5c98c199b..d3ba65c11 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/resources/resources/properties/protocol_response_statuscodes.properties
@@ -4,6 +4,6 @@ test.02=zzzyyyxxx
 ehvd.00=7000
 ehvd.01=7001
 ehvd.02=7001
-ehvd.03=7001
+ehvd.03=7003
 ehvd.04=7002
 ehvd.99=7099
\ No newline at end of file
-- 
cgit v1.2.3


From ac4812a1c4cccf61ba0843b04cb987df49f34e29 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 17 Nov 2021 08:22:46 +0100
Subject: distinguish between 'ERROR_EHVD_02' and 'ERROR_EHVD_03' based on
 error message

---
 .../moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
index cf58fe718..b165d05e2 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
+++ b/id/server/modules/moa-id-module-ehvd_integration/src/main/java/at/gv/egovernment/moa/id/auth/modules/ehvd/service/EhvdCommunicationService.java
@@ -132,13 +132,15 @@ public class EhvdCommunicationService implements IEhvdCommunication {
         .findFirst()
         .isPresent()) {
       Logger.info("EHVD communication failed with SOAP response: " + errorMsg);
+      return new EhvdException(ERROR_EHVD_03, new Object[] { errorMsg });
 
     } else {
       Logger.warn("EHVD communication failed with SOAP response: " + errorMsg, e);
+      return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg });
 
     }
 
-    return new EhvdException(ERROR_EHVD_02, new Object[] { errorMsg });
+    
 
   }
 
-- 
cgit v1.2.3


From 0436de6184c1a95d463da52929e3bf60923d6e04 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 13 Dec 2021 09:23:09 +0100
Subject: update third-party libs and resolve API issues

---
 id/server/idserverlib/pom.xml                      |  20 +-
 id/server/moa-id-commons/pom.xml                   |  10 +-
 .../moa-id-module-bkaMobilaAuthSAML2Test/pom.xml   |   4 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml      |   4 +-
 .../modules/moa-id-module-ehvd_integration/pom.xml |   1 -
 id/server/modules/moa-id-module-openID/pom.xml     |   5 +-
 .../moa-id-module-sl20_authentication/pom.xml      |   6 +-
 .../sl20_auth/sl20/SL20JSONExtractorUtils.java     | 664 +++++++++++----------
 .../modules/moa-id-module-ssoTransfer/pom.xml      |   4 +-
 9 files changed, 371 insertions(+), 347 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index e8b194f3f..4314bd3fd 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -287,6 +287,10 @@
 					<artifactId>bcprov-jdk15on</artifactId>
 					<groupId>org.bouncycastle</groupId>
 				</exclusion>
+				<exclusion>
+					<groupId>log4j</groupId>
+					<artifactId>log4j</artifactId>
+				</exclusion>
   			</exclusions>
   		</dependency>
 		<dependency>
@@ -321,7 +325,17 @@
   			<type>test-jar</type>
   			<classifier>tests</classifier>
   			<version>1.0.0</version>
-  			<scope>test</scope>  
+  			<scope>test</scope>
+  			<exclusions>
+  				<exclusion>
+  					<groupId>log4j</groupId>
+  					<artifactId>log4j</artifactId>
+  				</exclusion>
+  				<exclusion>
+  					<groupId>org.slf4j</groupId>
+  					<artifactId>slf4j-log4j12</artifactId>
+  				</exclusion>
+  			</exclusions>
 		</dependency>						
 <!-- 		<dependency>
   			<groupId>org.opensaml</groupId>
@@ -495,13 +509,13 @@
 	    <dependency>
 	    	<groupId>org.apache.commons</groupId>
 	    	<artifactId>commons-pool2</artifactId>
-	    	<version>2.9.0</version>
+	    	<version>2.11.1</version>
 	    </dependency>
 	    <dependency>
 	    	<groupId>redis.clients</groupId>
 	    	<artifactId>jedis</artifactId>
 	    	<!-- version>3.0.1</version -->
-	    	<version>3.3.0</version>
+	    	<version>3.7.1</version>
 	    </dependency>
 	
 <!-- 	    <dependency>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 452a566bf..2ab3b4c86 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -167,7 +167,6 @@
 		<dependency>
 			<groupId>joda-time</groupId>
 			<artifactId>joda-time</artifactId>
-			<version>${jodatime.version}</version>
 		</dependency>
 		<dependency>
 			<groupId>org.slf4j</groupId>
@@ -182,14 +181,9 @@
 			<artifactId>jul-to-slf4j</artifactId>
 		</dependency>
 		<dependency>
-			<groupId>org.slf4j</groupId>
-			<artifactId>slf4j-log4j12</artifactId>
+    		<groupId>org.apache.logging.log4j</groupId>
+    		<artifactId>log4j-slf4j-impl</artifactId>    	
 		</dependency>
-		<!-- <dependency> <groupId>log4j</groupId> <artifactId>log4j</artifactId> 
-			</dependency> -->
-		<!-- <dependency> <groupId>org.apache.logging.log4j</groupId> <artifactId>log4j-core</artifactId> 
-			</dependency> -->
-
 
 		<dependency>
 			<groupId>org.hibernate</groupId>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 4db2aa3ad..014759b5c 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -12,12 +12,12 @@
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.52</version>
+			<version>1.70</version>
 		</dependency>
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcpkix-jdk15on</artifactId>
-			<version>1.52</version>
+			<version>1.70</version>
 		</dependency>
 		
 						<!-- JSON JWT implementation -->
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index eabb1fc18..a83a065fa 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -237,14 +237,14 @@
   	<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.52</version>
+			<version>1.70</version>
 			<!-- <scope>provided</scope> -->
 		</dependency>
   
   	<dependency>
     	<groupId>com.ibm.icu</groupId>
     	<artifactId>icu4j</artifactId>
-    	<version>58.2</version>
+    	<version>70.1</version>
 		</dependency>
   
   
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 6f9463710..15d129dcb 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -32,7 +32,6 @@
 		<dependency>
 			<groupId>javax.servlet</groupId>
     		<artifactId>javax.servlet-api</artifactId>
-    		<version>3.1.0</version>
 			<scope>provided</scope>
 		</dependency>
 
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index a7a4dad1b..bed0ef11c 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -38,13 +38,13 @@
 		<dependency>
 			<groupId>com.google.http-client</groupId>
 			<artifactId>google-http-client-jackson2</artifactId>
-			<version>1.22.0</version>
+			<version>1.40.1</version>
 			<scope>test</scope>
 		</dependency>
 		<dependency>
 			<groupId>com.google.oauth-client</groupId>
 			<artifactId>google-oauth-client-jetty</artifactId>
-			<version>1.22.0</version>
+			<version>1.32.1</version>
 			<scope>test</scope>
 			<exclusions>
 				<exclusion>
@@ -78,7 +78,6 @@
 		<dependency>
 			<groupId>com.google.guava</groupId>
 			<artifactId>guava</artifactId>
-			<version>19.0</version>
 		</dependency>
 		
 				<!-- TestNG -->
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 1f7606e1d..4734bb3a6 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -53,18 +53,18 @@
 	<dependency>
     	<groupId>com.google.code.gson</groupId>
     	<artifactId>gson</artifactId>
-    	<version>2.8.2</version>
+    	<version>2.8.9</version>
 	</dependency>
 	<dependency>
     	<groupId>org.bitbucket.b_c</groupId>
     	<artifactId>jose4j</artifactId>
-    	<version>0.6.3</version>
+    	<version>0.7.9</version>
   	</dependency>
   
   <dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.52</version>
+			<version>1.70</version>
 			<!-- <scope>provided</scope> -->
 </dependency>
   
diff --git a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
index 759d9c838..6bf297a4e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
+++ b/id/server/modules/moa-id-module-sl20_authentication/src/main/java/at/gv/egovernment/moa/id/auth/modules/sl20_auth/sl20/SL20JSONExtractorUtils.java
@@ -13,7 +13,6 @@ import org.apache.http.Header;
 import org.apache.http.HttpEntity;
 import org.apache.http.HttpResponse;
 import org.apache.http.client.utils.URIBuilder;
-import org.apache.log4j.Logger;
 import org.jose4j.base64url.Base64Url;
 
 import com.google.gson.JsonElement;
@@ -23,328 +22,347 @@ import com.google.gson.JsonParser;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.data.VerificationResult;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SL20Exception;
 import at.gv.egovernment.moa.id.auth.modules.sl20_auth.exceptions.SLCommandoParserException;
+import lombok.extern.slf4j.Slf4j;
 
+@Slf4j
 public class SL20JSONExtractorUtils {
-	private static final Logger log = Logger.getLogger(SL20JSONExtractorUtils.class);
-	
-	/**
-	 * Extract String value from JSON 
-	 * 
-	 * @param input
-	 * @param keyID
-	 * @param isRequired
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static String getStringValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
-		try {
-			JsonElement internal = getAndCheck(input, keyID, isRequired);
-		
-			if (internal != null)
-				return internal.getAsString();
-			else
-				return null;
-			
-		} catch (SLCommandoParserException e) {
-			throw e;
-			
-		} catch (Exception e) {
-			throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e);
-			
-		}		
-	}
-	
-	/**
-	 * Extract Boolean value from JSON 
-	 * 
-	 * @param input
-	 * @param keyID
-	 * @param isRequired
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired, boolean defaultValue) throws SLCommandoParserException {
-		try {
-			JsonElement internal = getAndCheck(input, keyID, isRequired);
-				
-			if (internal != null)
-				return internal.getAsBoolean();
-			else
-				return defaultValue;
-			
-		} catch (SLCommandoParserException e) {
-			throw e;
-			
-		} catch (Exception e) {
-			throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
-			
-		}		
-	}
-	
-	/**
-	 * Extract JSONObject value from JSON 
-	 * 
-	 * @param input
-	 * @param keyID
-	 * @param isRequired
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
-		try {
-			JsonElement internal = getAndCheck(input, keyID, isRequired);
-				
-			if (internal != null)
-				return internal.getAsJsonObject();
-			else
-				return null;
-			
-		} catch (SLCommandoParserException e) {
-			throw e;
-			
-		} catch (Exception e) {
-			throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
-			
-		}		
-	}
-	
-	/**
-	 * Extract a List of String elements from a JSON element
-	 * 
-	 * @param input
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException {
-		List<String> result = new ArrayList<String>();
-		if (input != null) {
-			if (input.isJsonArray()) {			
-				Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
-				while(arrayIterator.hasNext()) {
-					JsonElement next = arrayIterator.next();
-					if (next.isJsonPrimitive())
-						result.add(next.getAsString());											
-				}
-				
-			} else if (input.isJsonPrimitive()) {
-				result.add(input.getAsString());
-				
-			} else {
-				log.warn("JSON Element IS NOT a JSON array or a JSON Primitive");
-				throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive");
-				
-			}
-		}
-		
-		return result;
-	}
-	
-	/**
-	 * Extract Map of Key/Value pairs from a JSON Element
-	 * 
-	 * @param input parent JSON object
-	 * @param keyID KeyId of the child that should be parsed
-	 * @param isRequired
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
-		JsonElement internal = getAndCheck(input, keyID, isRequired);
-		return getMapOfStringElements(internal);
-		
-	}
-	
-	/**
-	 * Extract Map of Key/Value pairs from a JSON Element 
-	 * 
-	 * @param input
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static Map<String, String> getMapOfStringElements(JsonElement input) throws SLCommandoParserException {		
-		Map<String, String> result = new HashMap<String, String>();
-				
-		if (input != null) {
-			if (input.isJsonArray()) {			
-				Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
-				while(arrayIterator.hasNext()) {
-					JsonElement next = arrayIterator.next();				
-					Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
-					entitySetToMap(result, entry);
-					
-				}
-				
-			} else if (input.isJsonObject()) {
-				Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
-				entitySetToMap(result, objectKeys);
-				
-			} else
-				throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
-			
-		}
-		
-		return result;
-	}
-	
-	private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
-		while (entry.hasNext()) {
-			Entry<String, JsonElement> el = entry.next();
-			if (result.containsKey(el.getKey()))
-				log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
-			
-			result.put(el.getKey(), el.getValue().getAsString());
-		
-		}
-		
-	}
-	
-	
-	public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter, boolean mustBeEncrypted) throws SL20Exception {
-		JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
-		JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT);
-		
-		if (result == null && encryptedResult == null)
-			throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");		
-				
-		else if (encryptedResult == null && mustBeEncrypted)
-			throw new SLCommandoParserException("result MUST be signed.");
-				
-		else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
-			try {
-				return decrypter.decryptPayload(encryptedResult.getAsString());
-				
-			} catch (Exception e) {
-				log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage());
-				if (!mustBeEncrypted) {
-					log.warn("Decrypted results are disabled by configuration. Parse result in plain if it is possible");
-
-					//dummy code
-					try {
-						String[] signedPayload = encryptedResult.toString().split("\\.");
-						JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(signedPayload[1])));
-						return payLoad;
-						
-					} catch (Exception e1) {
-						log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ...");
-						throw new SL20Exception(e.getMessage(), null, e);
-						
-					}
-					
-				} else
-					throw e;	
-				
-			}
-
-		} else if (result != null) {
-				return result;
-
-		} else
-			throw new SLCommandoParserException("Internal build error");
-		
-		
-	}
-		
-	/**
-	 * Extract payLoad from generic transport container
-	 * 
-	 * @param container
-	 * @param joseTools
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools, boolean mustBeSigned) throws SL20Exception {
-		
-		JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD);
-		JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD);
-		
-		if (mustBeSigned && joseTools == null)
-			throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'");
-					
-		if (sl20Payload == null && sl20SignedPayload == null)
-			throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");		
-		
-		else if (sl20SignedPayload == null && mustBeSigned)
-			throw new SLCommandoParserException("payLoad MUST be signed.");
-
-		else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {	
-			return joseTools.validateSignature(sl20SignedPayload.getAsString());
-		
-		} else if (sl20Payload != null)
-			return new VerificationResult(sl20Payload.getAsJsonObject());
-		
-		 else
-			throw new SLCommandoParserException("Internal build error");
-			
-		
-	}
-	
-	
-	/**
-	 * Extract generic transport container from httpResponse
-	 * 
-	 * @param httpResp
-	 * @return
-	 * @throws SLCommandoParserException
-	 */
-	public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp) throws SLCommandoParserException {
-		try {
-			JsonObject sl20Resp = null;
-			if (httpResp.getStatusLine().getStatusCode() == 307) {
-				Header[] locationHeader = httpResp.getHeaders("Location");
-				if (locationHeader == null)
-					throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
-			
-				String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0).getValue();
-				sl20Resp = new JsonParser().parse(Base64Url.encode((sl20RespString.getBytes()))).getAsJsonObject();
-			
-			} else if (httpResp.getStatusLine().getStatusCode() == 200) {
-				if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json"))
-					throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp.getEntity().getContentType().getValue());					
-				sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
-		
-			} else if ( (httpResp.getStatusLine().getStatusCode() == 500) || 
-					(httpResp.getStatusLine().getStatusCode() == 401) || 
-					(httpResp.getStatusLine().getStatusCode() == 400) ) {
-				log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode() 
-						+ ". Search for error message");				
-				sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
-				
-				
-			} else
-				throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode());
-
-			log.info("Find JSON object in http response");
-			return sl20Resp;
-			
-		} catch (Exception e) {
-			throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e);
-			
-		}		
-	}
-	
-	private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception {
-		if (resp != null && resp.getContent() != null) {			
-			JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent()));
-			if (sl20Resp != null && sl20Resp.isJsonObject()) {
-				return sl20Resp.getAsJsonObject();
-				
-			} else
-				throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object");
-			
-			
-		} else
-			throw new SLCommandoParserException("Can NOT find content in http response");
- 					
-	}
-	
-	
-	private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired) throws SLCommandoParserException {
-		JsonElement internal = input.get(keyID);
-		
-		if (internal == null && isRequired) 
-			throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist");
-		
-		return internal;
-		
-	}
+
+  /**
+   * Extract String value from JSON
+   * 
+   * @param input
+   * @param keyID
+   * @param isRequired
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static String getStringValue(JsonObject input, String keyID, boolean isRequired)
+      throws SLCommandoParserException {
+    try {
+      final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+      if (internal != null) {
+        return internal.getAsString();
+      } else {
+        return null;
+      }
+
+    } catch (final SLCommandoParserException e) {
+      throw e;
+
+    } catch (final Exception e) {
+      throw new SLCommandoParserException("Can not extract String value with keyId: " + keyID, e);
+
+    }
+  }
+
+  /**
+   * Extract Boolean value from JSON
+   * 
+   * @param input
+   * @param keyID
+   * @param isRequired
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static boolean getBooleanValue(JsonObject input, String keyID, boolean isRequired,
+      boolean defaultValue) throws SLCommandoParserException {
+    try {
+      final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+      if (internal != null) {
+        return internal.getAsBoolean();
+      } else {
+        return defaultValue;
+      }
+
+    } catch (final SLCommandoParserException e) {
+      throw e;
+
+    } catch (final Exception e) {
+      throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
+
+    }
+  }
+
+  /**
+   * Extract JSONObject value from JSON
+   * 
+   * @param input
+   * @param keyID
+   * @param isRequired
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static JsonObject getJSONObjectValue(JsonObject input, String keyID, boolean isRequired)
+      throws SLCommandoParserException {
+    try {
+      final JsonElement internal = getAndCheck(input, keyID, isRequired);
+
+      if (internal != null) {
+        return internal.getAsJsonObject();
+      } else {
+        return null;
+      }
+
+    } catch (final SLCommandoParserException e) {
+      throw e;
+
+    } catch (final Exception e) {
+      throw new SLCommandoParserException("Can not extract Boolean value with keyId: " + keyID, e);
+
+    }
+  }
+
+  /**
+   * Extract a List of String elements from a JSON element
+   * 
+   * @param input
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static List<String> getListOfStringElements(JsonElement input) throws SLCommandoParserException {
+    final List<String> result = new ArrayList<>();
+    if (input != null) {
+      if (input.isJsonArray()) {
+        final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+        while (arrayIterator.hasNext()) {
+          final JsonElement next = arrayIterator.next();
+          if (next.isJsonPrimitive()) {
+            result.add(next.getAsString());
+          }
+        }
+
+      } else if (input.isJsonPrimitive()) {
+        result.add(input.getAsString());
+
+      } else {
+        log.warn("JSON Element IS NOT a JSON array or a JSON Primitive");
+        throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON Primitive");
+
+      }
+    }
+
+    return result;
+  }
+
+  /**
+   * Extract Map of Key/Value pairs from a JSON Element
+   * 
+   * @param input      parent JSON object
+   * @param keyID      KeyId of the child that should be parsed
+   * @param isRequired
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static Map<String, String> getMapOfStringElements(JsonObject input, String keyID, boolean isRequired)
+      throws SLCommandoParserException {
+    final JsonElement internal = getAndCheck(input, keyID, isRequired);
+    return getMapOfStringElements(internal);
+
+  }
+
+  /**
+   * Extract Map of Key/Value pairs from a JSON Element
+   * 
+   * @param input
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static Map<String, String> getMapOfStringElements(JsonElement input)
+      throws SLCommandoParserException {
+    final Map<String, String> result = new HashMap<>();
+
+    if (input != null) {
+      if (input.isJsonArray()) {
+        final Iterator<JsonElement> arrayIterator = input.getAsJsonArray().iterator();
+        while (arrayIterator.hasNext()) {
+          final JsonElement next = arrayIterator.next();
+          final Iterator<Entry<String, JsonElement>> entry = next.getAsJsonObject().entrySet().iterator();
+          entitySetToMap(result, entry);
+
+        }
+
+      } else if (input.isJsonObject()) {
+        final Iterator<Entry<String, JsonElement>> objectKeys = input.getAsJsonObject().entrySet().iterator();
+        entitySetToMap(result, objectKeys);
+
+      } else {
+        throw new SLCommandoParserException("JSON Element IS NOT a JSON array or a JSON object");
+      }
+
+    }
+
+    return result;
+  }
+
+  private static void entitySetToMap(Map<String, String> result, Iterator<Entry<String, JsonElement>> entry) {
+    while (entry.hasNext()) {
+      final Entry<String, JsonElement> el = entry.next();
+      if (result.containsKey(el.getKey())) {
+        log.info("Attr. Map already contains Element with Key: " + el.getKey() + ". Overwrite element ... ");
+      }
+
+      result.put(el.getKey(), el.getValue().getAsString());
+
+    }
+
+  }
+
+  public static JsonElement extractSL20Result(JsonObject command, IJOSETools decrypter,
+      boolean mustBeEncrypted) throws SL20Exception {
+    final JsonElement result = command.get(SL20Constants.SL20_COMMAND_CONTAINER_RESULT);
+    final JsonElement encryptedResult = command.get(SL20Constants.SL20_COMMAND_CONTAINER_ENCRYPTEDRESULT);
+
+    if (result == null && encryptedResult == null) {
+      throw new SLCommandoParserException("NO result OR encryptedResult FOUND.");
+    } else if (encryptedResult == null && mustBeEncrypted) {
+      throw new SLCommandoParserException("result MUST be signed.");
+    } else if (encryptedResult != null && encryptedResult.isJsonPrimitive()) {
+      try {
+        return decrypter.decryptPayload(encryptedResult.getAsString());
+
+      } catch (final Exception e) {
+        log.info("Can NOT decrypt SL20 result. Reason:" + e.getMessage());
+        if (!mustBeEncrypted) {
+          log.warn(
+              "Decrypted results are disabled by configuration. Parse result in plain if it is possible");
+
+          // dummy code
+          try {
+            final String[] signedPayload = encryptedResult.toString().split("\\.");
+            final JsonElement payLoad = new JsonParser().parse(new String(Base64.getUrlDecoder().decode(
+                signedPayload[1])));
+            return payLoad;
+
+          } catch (final Exception e1) {
+            log.debug("DummyCode FAILED, Reason: " + e1.getMessage() + " Ignore it ...");
+            throw new SL20Exception(e.getMessage(), null, e);
+
+          }
+
+        } else {
+          throw e;
+        }
+
+      }
+
+    } else if (result != null) {
+      return result;
+
+    } else {
+      throw new SLCommandoParserException("Internal build error");
+    }
+
+  }
+
+  /**
+   * Extract payLoad from generic transport container
+   * 
+   * @param container
+   * @param joseTools
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static VerificationResult extractSL20PayLoad(JsonObject container, IJOSETools joseTools,
+      boolean mustBeSigned) throws SL20Exception {
+
+    final JsonElement sl20Payload = container.get(SL20Constants.SL20_PAYLOAD);
+    final JsonElement sl20SignedPayload = container.get(SL20Constants.SL20_SIGNEDPAYLOAD);
+
+    if (mustBeSigned && joseTools == null) {
+      throw new SLCommandoParserException("'joseTools' MUST be set if 'mustBeSigned' is 'true'");
+    }
+
+    if (sl20Payload == null && sl20SignedPayload == null) {
+      throw new SLCommandoParserException("NO payLoad OR signedPayload FOUND.");
+    } else if (sl20SignedPayload == null && mustBeSigned) {
+      throw new SLCommandoParserException("payLoad MUST be signed.");
+    } else if (joseTools != null && sl20SignedPayload != null && sl20SignedPayload.isJsonPrimitive()) {
+      return joseTools.validateSignature(sl20SignedPayload.getAsString());
+
+    } else if (sl20Payload != null) {
+      return new VerificationResult(sl20Payload.getAsJsonObject());
+    } else {
+      throw new SLCommandoParserException("Internal build error");
+    }
+
+  }
+
+  /**
+   * Extract generic transport container from httpResponse
+   * 
+   * @param httpResp
+   * @return
+   * @throws SLCommandoParserException
+   */
+  public static JsonObject getSL20ContainerFromResponse(HttpResponse httpResp)
+      throws SLCommandoParserException {
+    try {
+      JsonObject sl20Resp = null;
+      if (httpResp.getStatusLine().getStatusCode() == 307) {
+        final Header[] locationHeader = httpResp.getHeaders("Location");
+        if (locationHeader == null) {
+          throw new SLCommandoParserException("Find Redirect statuscode but not Location header");
+        }
+
+        final String sl20RespString = new URIBuilder(locationHeader[0].getValue()).getQueryParams().get(0)
+            .getValue();
+        sl20Resp = new JsonParser().parse(Base64Url.encode(sl20RespString.getBytes())).getAsJsonObject();
+
+      } else if (httpResp.getStatusLine().getStatusCode() == 200) {
+        if (!httpResp.getEntity().getContentType().getValue().startsWith("application/json")) {
+          throw new SLCommandoParserException("SL20 response with a wrong ContentType: " + httpResp
+              .getEntity().getContentType().getValue());
+        }
+        sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+
+      } else if (httpResp.getStatusLine().getStatusCode() == 500 ||
+          httpResp.getStatusLine().getStatusCode() == 401 ||
+          httpResp.getStatusLine().getStatusCode() == 400) {
+        log.info("SL20 response with http-code: " + httpResp.getStatusLine().getStatusCode()
+            + ". Search for error message");
+        sl20Resp = parseSL20ResultFromResponse(httpResp.getEntity());
+
+      } else {
+        throw new SLCommandoParserException("SL20 response with http-code: " + httpResp.getStatusLine()
+            .getStatusCode());
+      }
+
+      log.info("Find JSON object in http response");
+      return sl20Resp;
+
+    } catch (final Exception e) {
+      throw new SLCommandoParserException("SL20 response parsing FAILED! Reason: " + e.getMessage(), e);
+
+    }
+  }
+
+  private static JsonObject parseSL20ResultFromResponse(HttpEntity resp) throws Exception {
+    if (resp != null && resp.getContent() != null) {
+      final JsonElement sl20Resp = new JsonParser().parse(new InputStreamReader(resp.getContent()));
+      if (sl20Resp != null && sl20Resp.isJsonObject()) {
+        return sl20Resp.getAsJsonObject();
+
+      } else {
+        throw new SLCommandoParserException("SL2.0 can NOT parse to a JSON object");
+      }
+
+    } else {
+      throw new SLCommandoParserException("Can NOT find content in http response");
+    }
+
+  }
+
+  private static JsonElement getAndCheck(JsonObject input, String keyID, boolean isRequired)
+      throws SLCommandoParserException {
+    final JsonElement internal = input.get(keyID);
+
+    if (internal == null && isRequired) {
+      throw new SLCommandoParserException("REQUIRED Element with keyId: " + keyID + " does not exist");
+    }
+
+    return internal;
+
+  }
 }
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index dbf91dccf..458eb3f85 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -36,14 +36,14 @@
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.52</version>
+			<version>1.70</version>
 			<!-- <scope>provided</scope> -->
 		</dependency>
 		
 		<dependency>
 			<groupId>org.bouncycastle</groupId>
 			<artifactId>bcpkix-jdk15on</artifactId>
-			<version>1.52</version>
+			<version>1.70</version>
 		</dependency>
 		
 		<dependency>
-- 
cgit v1.2.3


From 0e8975416c90c44b6b73add7a9b6e0cb2a7b49be Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 21 Sep 2021 16:12:27 +0200
Subject: change errorhandling in SSLTrustManager in case of an invalid file in
 truststore.

---
 .../egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java   | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

(limited to 'id/server')

diff --git a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
index dd606ea18..4da6888a9 100644
--- a/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
+++ b/id/server/moa-id-commons/src/main/java/at/gv/egovernment/moa/id/commons/utils/ssl/MOAIDTrustManager.java
@@ -156,8 +156,8 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
     		certList.add(cert);
     		
     	} catch (Exception e) {
-    	   	Logger.error("Can NOT initialize SSLTrustManager. Certificate: " + certFile.getPath() 
-    	   		+ " is not loadable, Reason: " + e.getMessage());
+    	   	Logger.warn("Can NOT import Certificate: " + certFile.getPath() 
+    	   		+ " into SSLTrustManager. Reason: " + e.getMessage());
     	   	
     	   	if (Logger.isDebugEnabled()) {
     	   		try {
@@ -171,13 +171,13 @@ public class MOAIDTrustManager extends IAIKX509TrustManager {
     	   		}
     	   	}
     	   	
-    	    throw new SSLConfigurationException("config.28", new Object[]{certFile.getPath(), e.getMessage()}, e);
+    	    //throw new SSLConfigurationException("config.28", new Object[]{certFile.getPath(), e.getMessage()}, e);
     	    
     	} finally {
 			if (fis != null)
 				fis.close();
 			
-		}
+    	}
     }
     
     // store acceptedServerCertificates
-- 
cgit v1.2.3


From 2368c13ce76e0c1e543fc9cb3f41747625f0cadc Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 13 Dec 2021 10:20:58 +0100
Subject: update some more third-party libs

---
 id/server/idserverlib/pom.xml                          | 4 ++++
 id/server/moa-id-commons/pom.xml                       | 5 +++++
 id/server/modules/moa-id-module-E-ID_connector/pom.xml | 8 +++++++-
 3 files changed, 16 insertions(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 4314bd3fd..ebdb70782 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -228,6 +228,10 @@
 			<artifactId>junit</artifactId>
 			<scope>test</scope>
 		</dependency>
+		<dependency>
+    		<groupId>commons-beanutils</groupId>
+    		<artifactId>commons-beanutils</artifactId>
+		</dependency>		
 		
 <!-- 		<dependency>
 			<groupId>MOA</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 2ab3b4c86..3381ddfec 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -185,6 +185,11 @@
     		<artifactId>log4j-slf4j-impl</artifactId>    	
 		</dependency>
 
+		<dependency>
+    		<groupId>org.apache.logging.log4j</groupId>
+    		<artifactId>log4j-1.2-api</artifactId>
+		</dependency>
+
 		<dependency>
 			<groupId>org.hibernate</groupId>
 			<artifactId>hibernate-core</artifactId>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index 3b583d69e..3b7c2efcc 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -50,7 +50,13 @@
     <dependency>
   		<groupId>at.gv.egiz.eaaf</groupId>
   		<artifactId>eaaf_module_pvp2_core</artifactId>
-  	</dependency>
+  		<exclusions>
+  			<exclusion>
+  				<groupId>log4j</groupId>
+  				<artifactId>log4j</artifactId>
+  			</exclusion>
+  		</exclusions>
+    </dependency>
   	<dependency>
   		<groupId>at.gv.egiz.eaaf</groupId>
   		<artifactId>eaaf_module_pvp2_sp</artifactId>
-- 
cgit v1.2.3


From 2585437075bf57d95e271751d7d6695bf6673f86 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 13 Dec 2021 11:30:20 +0100
Subject: switch to next release-canditate

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 7d9f0ed44..fc21b4a2c 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 1f5582339..e00efaa87 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index ebdb70782..9f8fa943c 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 3381ddfec..cb4e0f116 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index ac60b89a4..d35b62e20 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 2ad6199a9..04b999d40 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index 8bc49354d..a879ed310 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index 2668b4f97..c31b907fe 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 1df8e5824..824197950 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index 3b7c2efcc..545f39be7 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 014759b5c..7388fae05 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index b8f1163ad..96cff5dde 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index a83a065fa..11aa9c09c 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 15d129dcb..1327a33a7 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index be7a15d89..51b80a200 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index bed0ef11c..06e4983ee 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 4734bb3a6..0ec133d98 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 458eb3f85..3aed208e4 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 049da3a4e..d4183ab2e 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 87ae74148..2272559f6 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-SNAPSHOT</version>
+    <version>4.1.6-RC1</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index aef322b1e..c84a11aae 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index a5cf8bfa0..33db31267 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-SNAPSHOT</version>
+		<version>4.1.6-RC1</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index 8b1dd5b4b..88529fed5 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.6-SNAPSHOT</version>
+        <version>4.1.6-RC1</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From b2332a3b55b1d5164f9764cb895185798b4fb4a2 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Dec 2021 11:52:51 +0100
Subject: fix possible problem with IAIK provider

---
 id/server/idserverlib/pom.xml    | 4 ++--
 id/server/moa-id-commons/pom.xml | 4 ++--
 2 files changed, 4 insertions(+), 4 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 9f8fa943c..c9fd1d195 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -712,8 +712,8 @@
                 <artifactId>maven-compiler-plugin</artifactId>
                 <version>3.6.1</version>
                 <configuration>
-                    <source>1.7</source>
-                    <target>1.7</target>
+                    <source>1.8</source>
+                    <target>1.8</target>
                     <encoding>UTF-8</encoding>
                 </configuration>
             </plugin>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index cb4e0f116..1aac6b397 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -346,8 +346,8 @@
 				<artifactId>maven-compiler-plugin</artifactId>
 				<version>3.6.1</version>
 				<configuration>
-					<source>1.7</source>
-					<target>1.7</target>
+					<source>1.8</source>
+					<target>1.8</target>
 					<encoding>UTF-8</encoding>
 				</configuration>
 			</plugin>
-- 
cgit v1.2.3


From 0c0c12e5c9844e4a6dc968d49198ae16d0236814 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Dec 2021 16:27:09 +0100
Subject: fix problem with session-data encryption on some deployments

---
 .../moa/id/util/AbstractEncrytionUtil.java         | 47 ++++++++--------------
 .../moa-id-module-sl20_authentication/pom.xml      | 11 +++--
 2 files changed, 22 insertions(+), 36 deletions(-)

(limited to 'id/server')

diff --git a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
index 8fdf1eab8..1bf240589 100644
--- a/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
+++ b/id/server/idserverlib/src/main/java/at/gv/egovernment/moa/id/util/AbstractEncrytionUtil.java
@@ -33,7 +33,6 @@ import javax.crypto.KeyGenerator;
 import javax.crypto.SecretKey;
 import javax.crypto.SecretKeyFactory;
 import javax.crypto.spec.GCMParameterSpec;
-import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.SecretKeySpec;
 
@@ -114,27 +113,18 @@ public abstract class AbstractEncrytionUtil {
 		}		
 	}
 	
-	public EncryptedData encrypt(byte[] data) throws BuildException {
-		Cipher cipher;
-		
+	public EncryptedData encrypt(byte[] data) throws BuildException {		
 		if (secret != null) {
-			try {
-				final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH);
-				
-//				final byte[] nonce = new byte[GCM_NONCE_LENGTH];				
-//				SecureRandom.getInstanceStrong().nextBytes(nonce);
-		        
-				GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce);
-		        
-				cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");				
-			    cipher.init(Cipher.ENCRYPT_MODE, secret, spec);
-				
-			    Logger.debug("Encrypt MOASession");
-			    
-			    byte[] encdata = cipher.doFinal(data);
-			    byte[] iv = cipher.getIV();
-			    
-			    return new EncryptedData(encdata, iv);
+			try {				
+	      final byte[] nonce = Random.nextBytes(GCM_NONCE_LENGTH);
+	      final GCMParameterSpec spec = new GCMParameterSpec(GCM_TAG_LENGTH * 8, nonce);
+	      final Cipher cipher = Cipher.getInstance(CIPHER_MODE);
+	      cipher.init(Cipher.ENCRYPT_MODE, secret, spec);
+			  
+	      final byte[] encdata = cipher.doFinal(data);
+	      final byte[] iv = cipher.getIV();	      				
+			  Logger.trace("Encrypt MOASession");			   
+			  return new EncryptedData(encdata, iv);
 			    
 			} catch (Exception e) {
 				Logger.warn("MOASession is not encrypted",e);
@@ -145,17 +135,14 @@ public abstract class AbstractEncrytionUtil {
 	}
 	
 	public byte[] decrypt(EncryptedData data) throws BuildException {
-		Cipher cipher;
 		
 		if (secret != null) {
-			try {
-				IvParameterSpec iv = new IvParameterSpec(data.getIv());
-				
-				cipher = Cipher.getInstance(CIPHER_MODE, "IAIK");
-			    cipher.init(Cipher.DECRYPT_MODE, secret, iv);
-				
-			    Logger.debug("Decrypt MOASession");
-			    return cipher.doFinal(data.getEncData());
+			try {			    			    
+			    final Cipher cipher = Cipher.getInstance(CIPHER_MODE);
+			    final GCMParameterSpec iv = new GCMParameterSpec(GCM_TAG_LENGTH * 8, data.getIv());
+		      cipher.init(Cipher.DECRYPT_MODE, secret, iv);
+		      Logger.trace("Decrypt MOASession");
+		      return cipher.doFinal(data.getEncData());
 			    
 			} catch (Exception e) {
 				Logger.warn("MOASession is not decrypted",e);
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 0ec133d98..4d65efce2 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -61,12 +61,11 @@
     	<version>0.7.9</version>
   	</dependency>
   
-  <dependency>
-			<groupId>org.bouncycastle</groupId>
-			<artifactId>bcprov-jdk15on</artifactId>
-			<version>1.70</version>
-			<!-- <scope>provided</scope> -->
-</dependency>
+  	<dependency>
+	  <groupId>org.bouncycastle</groupId>
+	  <artifactId>bcprov-jdk15on</artifactId>
+	  <version>1.70</version>
+	</dependency>
   
   
   	<!-- Dependencies for testing -->
-- 
cgit v1.2.3


From 2b5d22176ff2483e6a682069ee09609dc5aa0a2b Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Dec 2021 16:27:24 +0100
Subject: update default configuration

---
 id/server/data/deploy/conf/moa-id/moa-id.properties | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'id/server')

diff --git a/id/server/data/deploy/conf/moa-id/moa-id.properties b/id/server/data/deploy/conf/moa-id/moa-id.properties
index 0a579a53d..03640b252 100644
--- a/id/server/data/deploy/conf/moa-id/moa-id.properties
+++ b/id/server/data/deploy/conf/moa-id/moa-id.properties
@@ -226,6 +226,14 @@ modules.elga_mandate.request.sign.password=password
 modules.elga_mandate.response.encryption.alias=pvp_assertion
 modules.elga_mandate.response.encryption.password=password
 
+######## EHVD Service module
+modules.ehvd.enabled=false
+#modules.ehvd.sp.1=
+#modules.ehvd.sp.2=
+modules.ehvd.service.url=
+modules.ehvd.service.role.regex=^1\.2\.40\.0\.34\.5\.2\:(100|101|158)$
+modules.ehvd.role.pvp=EPI-GDA()
+
 ######## SSO Interfederation client module ########
 modules.federatedAuth.keystore.path=keys/moa_idp[password].p12
 modules.federatedAuth.keystore.password=password
@@ -280,4 +288,4 @@ service.egovutil.szr.ssl.laxhostnameverification=false
 ##  Additonal encryption keys can be added by add a ney configuration line, like
 ##    configuration.foreignsectors.pubkey.BMI+T1=MIICuTCCAaG   (VKZ='BMI', Public Target='T1')    
 ########
-#configuration.foreignsectors.pubkey.wbpk+FN+195755b=MIIF2TCCA8GgAw...
\ No newline at end of file
+#configuration.foreignsectors.pubkey.wbpk+FN+195755b=MIIF2TCCA8GgAw...
-- 
cgit v1.2.3


From 595129ee21197f5c03bedb6369dda7ee62178d8d Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Dec 2021 16:32:45 +0100
Subject: switch to next release version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index fc21b4a2c..3129f4af7 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index e00efaa87..4048afeea 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index c9fd1d195..f32748f37 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 1aac6b397..aa27d464b 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index d35b62e20..ae87362da 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 04b999d40..081dae139 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index a879ed310..8df6c8028 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index c31b907fe..a92b31b8e 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 824197950..a647ca6ed 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index 545f39be7..b6f49bba1 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 7388fae05..5115e25bb 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index 96cff5dde..7c74bc95c 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 11aa9c09c..226245acf 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 1327a33a7..168278fd2 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index 51b80a200..dddaab777 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 06e4983ee..9799c88cd 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 4d65efce2..8efe975c0 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 3aed208e4..9f173fb4e 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index d4183ab2e..b998bad05 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 2272559f6..c6e77de29 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6-RC1</version>
+    <version>4.1.6</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index c84a11aae..0beb00edb 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index 33db31267..2bd1bb87e 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6-RC1</version>
+		<version>4.1.6</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index 88529fed5..89d5428a2 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.6-RC1</version>
+        <version>4.1.6</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From 0278635fdf6a524afd44aa5336c5a147b78546e0 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Dec 2021 17:55:46 +0100
Subject: switch to next snapshot version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 3129f4af7..0fbac9369 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 4048afeea..361cda9a8 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index f32748f37..3f21c17ba 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index aa27d464b..723ad1225 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index ae87362da..ed69118f1 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 081dae139..ca5916559 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index 8df6c8028..a9113475d 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index a92b31b8e..f1a2e4af7 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index a647ca6ed..a3da881b8 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index b6f49bba1..f66674012 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 5115e25bb..8bd94942a 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index 7c74bc95c..2d874db35 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 226245acf..6605944e5 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 168278fd2..519353d78 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index dddaab777..59891a9be 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 9799c88cd..5d84519e7 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 8efe975c0..80f1c29fa 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 9f173fb4e..5918ce729 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index b998bad05..11e0ce41a 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index c6e77de29..ae61ffca3 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.6</version>
+    <version>4.1.7-SNAPSHOT</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 0beb00edb..07a20f89a 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index 2bd1bb87e..90d0729fe 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.6</version>
+		<version>4.1.7-SNAPSHOT</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index 89d5428a2..c6fa1f3f0 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.6</version>
+        <version>4.1.7-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From 67e60ddadd062dde4e6ecdf0ef0f574439eb280e Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Tue, 14 Dec 2021 17:56:40 +0100
Subject: update test dependencies to fix warnings during security checks

---
 .../modules/moa-id-module-ehvd_integration/pom.xml | 26 +++++++++++++++++++---
 1 file changed, 23 insertions(+), 3 deletions(-)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 519353d78..a38ebea3d 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -35,6 +35,16 @@
 			<scope>provided</scope>
 		</dependency>
 
+		<dependency>
+        	<groupId>org.apache.cxf</groupId>
+        	<artifactId>cxf-rt-frontend-jaxws</artifactId>
+        	<scope>provided</scope>
+    	</dependency>
+    	<dependency>
+        	<groupId>org.apache.cxf</groupId>
+        	<artifactId>cxf-rt-transports-http</artifactId>
+        	<scope>provided</scope>
+    	</dependency>
 
 		<dependency>
 			<groupId>org.springframework</groupId>
@@ -62,9 +72,19 @@
       		<groupId>com.github.skjolber</groupId>
       		<artifactId>mockito-soap-cxf</artifactId>
       		<version>1.2.0</version>
-      		<scope>test</scope>
+      		<scope>test</scope>      		
     	</dependency>
-
+		<dependency>
+    		<groupId>org.apache.cxf</groupId>
+    		<artifactId>cxf-rt-transports-http-jetty</artifactId>
+    		<scope>test</scope>
+		</dependency>
+		<dependency>
+    		<groupId>org.apache.tomcat</groupId>
+    		<artifactId>tomcat-servlet-api</artifactId>
+    		<version>9.0.56</version>
+    		<scope>test</scope>
+		</dependency>		
 	</dependencies>
 
 	<build>
@@ -72,7 +92,7 @@
 			<plugin>
 				<groupId>org.apache.cxf</groupId>
 				<artifactId>cxf-codegen-plugin</artifactId>
-				<version>3.4.1</version>
+				<version>3.3.12</version>
 				<dependencies>
 					<dependency>
 						<groupId>xerces</groupId>
-- 
cgit v1.2.3


From 84f2fe6eaebb2370c063eef22fbb463751d08026 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 15 Dec 2021 08:20:27 +0100
Subject: update one more test dependency

---
 id/server/modules/moa-id-module-ehvd_integration/pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

(limited to 'id/server')

diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index a38ebea3d..e4b5338fc 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -80,6 +80,11 @@
     		<scope>test</scope>
 		</dependency>
 		<dependency>
+    		<groupId>org.apache.cxf</groupId>
+    		<artifactId>cxf-rt-rs-extension-providers</artifactId>
+    		<scope>test</scope>
+		</dependency>		
+		<dependency>
     		<groupId>org.apache.tomcat</groupId>
     		<artifactId>tomcat-servlet-api</artifactId>
     		<version>9.0.56</version>
-- 
cgit v1.2.3


From 8ebd4daefc9626248f788dcf5fd340b72a0ec1df Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 15 Dec 2021 08:25:56 +0100
Subject: switch to next release version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 0fbac9369..d236f2b2c 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 361cda9a8..f35f0db2a 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 3f21c17ba..9e5a87653 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 723ad1225..30e6d8bb0 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index ed69118f1..9239ae710 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index ca5916559..1f1680f18 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index a9113475d..d6cad37fe 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index f1a2e4af7..3c3b72aad 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index a3da881b8..1aed3da2c 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index f66674012..ba6808005 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 8bd94942a..792c91b9e 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index 2d874db35..58d339e14 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 6605944e5..148be2f46 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index e4b5338fc..9f3954bde 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index 59891a9be..a940b80c9 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 5d84519e7..1be4ea5eb 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 80f1c29fa..55bc6f8db 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 5918ce729..68c5887e9 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 11e0ce41a..9504e695c 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index ae61ffca3..e68aa68a7 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7-SNAPSHOT</version>
+    <version>4.1.7</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 07a20f89a..5336a7a08 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index 90d0729fe..9e43b5602 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7-SNAPSHOT</version>
+		<version>4.1.7</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index c6fa1f3f0..ed50d71e3 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.7-SNAPSHOT</version>
+        <version>4.1.7</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From 43752e9eb9bdba0703bacd48dfdbba5190aec7b3 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Wed, 15 Dec 2021 09:35:30 +0100
Subject: switch to next snapshot version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index d236f2b2c..4d9433996 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index f35f0db2a..684ed38ee 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 9e5a87653..3b9ad82db 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 30e6d8bb0..446c11437 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index 9239ae710..c5055579d 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 1f1680f18..85deb3bc3 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index d6cad37fe..3ed24aa40 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index 3c3b72aad..75be84014 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 1aed3da2c..2ad472cbe 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index ba6808005..a99a45e6e 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 792c91b9e..e61236e7f 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index 58d339e14..d5a58f113 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 148be2f46..a6f5a2c83 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 9f3954bde..1ef6908c4 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index a940b80c9..13be03c0e 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 1be4ea5eb..38fe3bb14 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 55bc6f8db..1aeea25bb 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 68c5887e9..986729a66 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 9504e695c..748a1144a 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index e68aa68a7..552abc3a2 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.7</version>
+    <version>4.1.8-SNAPSHOT</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 5336a7a08..dd5d6b707 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index 9e43b5602..a265c0486 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.7</version>
+		<version>4.1.8-SNAPSHOT</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index ed50d71e3..5ecb68a0d 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.7</version>
+        <version>4.1.8-SNAPSHOT</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From 7f39aaa3d8633e9f05d2570c756e5e1fcac9b017 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 20 Dec 2021 08:16:01 +0100
Subject: switch from log4j to logback

---
 id/server/auth-edu/pom.xml                         |   9 +-
 id/server/auth-edu/src/main/resources/logback.xml  |  79 +++++++++++
 id/server/auth-final/pom.xml                       |   4 +
 .../auth-final/src/main/resources/logback.xml      | 100 ++++++++++++++
 .../deploy/conf/moa-id-configuration/logback.xml   |  40 ++++++
 .../conf/moa-id-configuration/logback_config.xml   |  71 ----------
 id/server/data/deploy/conf/moa-id-oa/logback.xml   |  30 +++++
 id/server/data/deploy/conf/moa-id/log4j.properties |  62 ---------
 id/server/data/deploy/conf/moa-id/logback.xml      |  79 +++++++++++
 .../data/deploy/conf/moa-id/logback_config.xml     | 105 ---------------
 id/server/data/deploy/tomcat/unix/tomcat-start.sh  |   3 +-
 id/server/data/deploy/tomcat/win32/startTomcat.bat |   3 +-
 id/server/doc/handbook/install/install.html        | 144 ++++++++++-----------
 id/server/moa-id-commons/pom.xml                   |   5 +-
 14 files changed, 414 insertions(+), 320 deletions(-)
 create mode 100644 id/server/auth-edu/src/main/resources/logback.xml
 create mode 100644 id/server/auth-final/src/main/resources/logback.xml
 create mode 100644 id/server/data/deploy/conf/moa-id-configuration/logback.xml
 delete mode 100644 id/server/data/deploy/conf/moa-id-configuration/logback_config.xml
 create mode 100644 id/server/data/deploy/conf/moa-id-oa/logback.xml
 delete mode 100644 id/server/data/deploy/conf/moa-id/log4j.properties
 create mode 100644 id/server/data/deploy/conf/moa-id/logback.xml
 delete mode 100644 id/server/data/deploy/conf/moa-id/logback_config.xml

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 4d9433996..09e569ff0 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -230,8 +230,13 @@
 
     	<dependency>
 			<groupId>MOA.id.server.modules</groupId>
-    	<artifactId>moa-id-module-ehvd_integration</artifactId>
-    </dependency>    
+    		<artifactId>moa-id-module-ehvd_integration</artifactId>
+    	</dependency>    
+    
+    	<dependency>
+    		<groupId>ch.qos.logback</groupId>
+    		<artifactId>logback-classic</artifactId>
+		</dependency>
     
 <!-- 	
 		<dependency>
diff --git a/id/server/auth-edu/src/main/resources/logback.xml b/id/server/auth-edu/src/main/resources/logback.xml
new file mode 100644
index 000000000..3f0d54fe5
--- /dev/null
+++ b/id/server/auth-edu/src/main/resources/logback.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-id.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-spss.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/moa-id-reversion.log</File>
+    <encoder>
+      <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>9999</maxIndex>
+      <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+    </encoder>
+  </appender> 
+
+  <logger name="at.gv.egovernment.moa.id" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+
+  <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+    <appender-ref ref="reversion"/>
+  </logger>
+    
+  <logger name="at.gv.egiz.eaaf" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+  <logger name="at.gv.egiz.components.configuration" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  
+  <logger name="at.gv.egovernment.moa.spss" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>
+  <logger name="pki" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>  
+  <logger name="iaik.server" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>
+
+  <root level="warn">
+    <appender-ref ref="stdout"/>
+  </root>
+</configuration>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 684ed38ee..2ed05cad4 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -176,6 +176,10 @@
      	  <artifactId>moa-id-module-ehvd_integration</artifactId>
         </dependency>
 
+		<dependency>
+    		<groupId>ch.qos.logback</groupId>
+    		<artifactId>logback-classic</artifactId>
+		</dependency>
 				
         <!-- transitive dependencies we don't want to include into the war -->
 		<dependency>
diff --git a/id/server/auth-final/src/main/resources/logback.xml b/id/server/auth-final/src/main/resources/logback.xml
new file mode 100644
index 000000000..e5394d87a
--- /dev/null
+++ b/id/server/auth-final/src/main/resources/logback.xml
@@ -0,0 +1,100 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-id.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-spss.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-id-webgui.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/moa-id-reversion.log</File>
+    <encoder>
+      <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>9999</maxIndex>
+      <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+    </encoder>
+  </appender> 
+
+  <logger name="at.gv.egovernment.moa.id" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+
+  <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+    <appender-ref ref="reversion"/>
+  </logger>
+
+  <logger name="at.gv.egovernment.moa.id.configuration" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  <logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  
+  <logger name="at.gv.egiz.eaaf" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+  <logger name="at.gv.egiz.components.configuration" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  
+  <logger name="at.gv.egovernment.moa.spss" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>
+  <logger name="pki" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>  
+  <logger name="iaik.server" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>
+
+  <root level="warn">
+    <appender-ref ref="stdout"/>
+  </root>
+</configuration>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/logback.xml b/id/server/data/deploy/conf/moa-id-configuration/logback.xml
new file mode 100644
index 000000000..fc7508598
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-configuration/logback.xml
@@ -0,0 +1,40 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-id-webgui.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+    </encoder>
+  </appender> 
+
+  <logger name="at.gv.egovernment.moa.id.configuration" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  <logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  
+  <logger name="at.gv.egiz.eaaf" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+  <logger name="at.gv.egiz.components.configuration" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  
+  <root level="warn">
+    <appender-ref ref="stdout"/>
+  </root>
+</configuration>
diff --git a/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml b/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml
deleted file mode 100644
index c00e62e52..000000000
--- a/id/server/data/deploy/conf/moa-id-configuration/logback_config.xml
+++ /dev/null
@@ -1,71 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- For assistance related to logback-translator or configuration  -->
-<!-- files in general, please contact the logback user mailing list -->
-<!-- at http://www.qos.ch/mailman/listinfo/logback-user             -->
-<!--                                                                -->
-<!-- For professional support please see                            -->
-<!--    http://www.qos.ch/shop/products/professionalSupport         -->
-<!--                                                                -->
-<configuration>
-  <!-- Errors were reported during translation. -->
-  <!-- No class found for appender CONFIGTOOL R -->
-  <!-- Could not find transformer for null -->
-  <appender name="R" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/logs/moa-id.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i</FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="CONFIGTOOL R">
-    <!--No layout specified for appender named [CONFIGTOOL R] of class [null]-->
-  </appender>
-  <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/logs/moa-id-webgui.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i</FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{transactionId} |%20.20c | %10t | %m%n</pattern>
-    </encoder>
-  </appender>
-  <logger name="eu.stork" level="info"/>
-  <logger name="iaik.server" level="info"/>
-  <logger name="at.gv.egovernment.moa.id" level="info">
-    <appender-ref ref="R"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.id.commons" level="info">
-    <appender-ref ref="CONFIGTOOL R"/>
-  </logger>
-  <logger name="org.hibernate" level="warn"/>
-  <logger name="at.gv.egiz.components.configuration" level="info">
-    <appender-ref ref="CONFIGTOOL"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.id.proxy" level="info"/>
-  <logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
-    <appender-ref ref="CONFIGTOOL"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.spss" level="info"/>
-  <logger name="at.gv.egovernment.moa" level="info"/>
-  <root level="info">
-    <appender-ref ref="stdout"/>
-  </root>
-</configuration>
diff --git a/id/server/data/deploy/conf/moa-id-oa/logback.xml b/id/server/data/deploy/conf/moa-id-oa/logback.xml
new file mode 100644
index 000000000..b94b7476a
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id-oa/logback.xml
@@ -0,0 +1,30 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="DEMO_SP" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-demo-sp.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-demo-sp.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTrimoa-demo-spggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+    </encoder>
+  </appender> 
+
+  <logger name="at.gv.egovernment.moa.id.demoOA" level="info">
+    <appender-ref ref="DEMO_SP"/>
+  </logger>
+  
+  <root level="warn">
+    <appender-ref ref="stdout"/>
+  </root>
+</configuration>
diff --git a/id/server/data/deploy/conf/moa-id/log4j.properties b/id/server/data/deploy/conf/moa-id/log4j.properties
deleted file mode 100644
index 2914fcff1..000000000
--- a/id/server/data/deploy/conf/moa-id/log4j.properties
+++ /dev/null
@@ -1,62 +0,0 @@
-# commons-logging setup
-org.apache.commons.logging.LogFactory=org.apache.commons.logging.impl.Log4jFactory
-
-# define log4j root loggers
-log4j.rootLogger=warn,stdout
-
-### MOA-ID process log ###
-log4j.logger.at.gv.egiz.eaaf=info,moaid
-log4j.logger.at.gv.egovernment.moa.id=info,moaid
-log4j.logger.at.gv.egovernment.moa.spss=info,moaid
-
-### process revision log with event-codes ###
-log4j.logger.at.gv.egiz.eventlog.plain.all=info,reversion
-
-### Signature verification and certificate proofing ####
-log4j.logger.at.gv.egovernment.moa.spss=info,moaspss
-log4j.logger.iaik.server=info,moaspss
-log4j.logger.pki=info,moaspss
-
-### ConfigTool Logs ####
-log4j.logger.at.gv.egiz.components.configuration=info,CONFIGTOOL
-log4j.logger.at.gv.egovernment.moa.id.commons=info,CONFIGTOOL
-log4j.logger.at.gv.egovernment.moa.id.config.webgui=info,CONFIGTOOL
-log4j.logger.at.gv.egovernment.moa.id.configuration=info,CONFIGTOOL
-
-
-### Log Appender ####
-# configure the stdout appender
-log4j.appender.stdout=org.apache.log4j.ConsoleAppender
-log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
-log4j.appender.stdout.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n
-
-# configure the rolling file appender (moaid)
-log4j.appender.moaid=org.apache.log4j.RollingFileAppender
-log4j.appender.moaid.File=${catalina.base}/logs/moa-id.log
-log4j.appender.moaid.MaxFileSize=10000KB
-log4j.appender.moaid.MaxBackupIndex=1
-log4j.appender.moaid.layout=org.apache.log4j.PatternLayout
-log4j.appender.moaid.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n
-
-# configure the rolling file appender (moaid)
-log4j.appender.moaspss=org.apache.log4j.RollingFileAppender
-log4j.appender.moaspss.File=${catalina.base}/logs/moa-spss.log
-log4j.appender.moaspss.MaxFileSize=10000KB
-log4j.appender.moaspss.MaxBackupIndex=1
-log4j.appender.moaspss.layout=org.apache.log4j.PatternLayout
-log4j.appender.moaspss.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n
-
-log4j.appender.reversion=org.apache.log4j.RollingFileAppender
-log4j.appender.reversion.File=${catalina.base}/moa-id-reversion.log
-log4j.appender.reversion.MaxFileSize=10000KB
-log4j.appender.reversion.MaxBackupIndex=9999
-log4j.appender.reversion.layout=org.apache.log4j.PatternLayout
-log4j.appender.reversion.layout.ConversionPattern=%5p | %d{ISO8601} | %t | %m%n
-
-# configure the rolling file appender (configtool)
-log4j.appender.CONFIGTOOL=org.apache.log4j.RollingFileAppender
-log4j.appender.CONFIGTOOL.File=${catalina.base}/logs/moa-id-webgui.log
-log4j.appender.CONFIGTOOL.MaxFileSize=10000KB
-log4j.appender.CONFIGTOOL.MaxBackupIndex=1
-log4j.appender.CONFIGTOOL.layout=org.apache.log4j.PatternLayout
-log4j.appender.CONFIGTOOL.layout.ConversionPattern=%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n
\ No newline at end of file
diff --git a/id/server/data/deploy/conf/moa-id/logback.xml b/id/server/data/deploy/conf/moa-id/logback.xml
new file mode 100644
index 000000000..3f0d54fe5
--- /dev/null
+++ b/id/server/data/deploy/conf/moa-id/logback.xml
@@ -0,0 +1,79 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<configuration>
+  <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-id.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/logs/moa-spss.log</File>
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>1</maxIndex>
+      <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
+    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
+    <File>${catalina.base}/moa-id-reversion.log</File>
+    <encoder>
+      <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
+    </encoder>
+    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
+      <maxIndex>9999</maxIndex>
+      <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i.gz</FileNamePattern>
+    </rollingPolicy>
+    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
+      <MaxFileSize>10000KB</MaxFileSize>
+    </triggeringPolicy>
+  </appender>
+  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
+    <encoder>
+      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
+    </encoder>
+  </appender> 
+
+  <logger name="at.gv.egovernment.moa.id" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+
+  <logger name="at.gv.egiz.eventlog.plain.all" level="info">
+    <appender-ref ref="reversion"/>
+  </logger>
+    
+  <logger name="at.gv.egiz.eaaf" level="info">
+    <appender-ref ref="moaid"/>
+  </logger>
+  <logger name="at.gv.egiz.components.configuration" level="info">
+    <appender-ref ref="CONFIGTOOL"/>
+  </logger>
+  
+  <logger name="at.gv.egovernment.moa.spss" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>
+  <logger name="pki" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>  
+  <logger name="iaik.server" level="info">
+    <appender-ref ref="moaspss"/>
+  </logger>
+
+  <root level="warn">
+    <appender-ref ref="stdout"/>
+  </root>
+</configuration>
diff --git a/id/server/data/deploy/conf/moa-id/logback_config.xml b/id/server/data/deploy/conf/moa-id/logback_config.xml
deleted file mode 100644
index fa221fbc2..000000000
--- a/id/server/data/deploy/conf/moa-id/logback_config.xml
+++ /dev/null
@@ -1,105 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-
-<!-- For assistance related to logback-translator or configuration  -->
-<!-- files in general, please contact the logback user mailing list -->
-<!-- at http://www.qos.ch/mailman/listinfo/logback-user             -->
-<!--                                                                -->
-<!-- For professional support please see                            -->
-<!--    http://www.qos.ch/shop/products/professionalSupport         -->
-<!--                                                                -->
-<configuration>
-  <appender name="moaid" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/logs/moa-id.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i</FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="moaspss" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/logs/moa-spss.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i</FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="CONFIGTOOL" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/logs/moa-id-webgui.log</File>
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i</FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
-    <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/moa-id-reversion.log</File>
-    <encoder>
-      <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
-    </encoder>
-    <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
-      <maxIndex>9999</maxIndex>
-      <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i</FileNamePattern>
-    </rollingPolicy>
-    <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
-      <MaxFileSize>10000KB</MaxFileSize>
-    </triggeringPolicy>
-  </appender>
-  <appender name="stdout" class="ch.qos.logback.core.ConsoleAppender">
-    <encoder>
-      <pattern>%5p | %d{dd HH:mm:ss,SSS} | %X{sessionId} | %X{transactionId} | %X{oaId} |%20.20c | %10t | %m%n</pattern>
-    </encoder>
-  </appender>
-  <logger name="at.gv.egiz.eaaf" level="info">
-    <appender-ref ref="moaid"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.spss" level="info">
-    <appender-ref ref="moaspss"/>
-  </logger>
-  <logger name="pki" level="info">
-    <appender-ref ref="moaspss"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.id.commons" level="info">
-    <appender-ref ref="CONFIGTOOL"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.id.configuration" level="info">
-    <appender-ref ref="CONFIGTOOL"/>
-  </logger>
-  <logger name="at.gv.egiz.eventlog.plain.all" level="info">
-    <appender-ref ref="reversion"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.id.config.webgui" level="info">
-    <appender-ref ref="CONFIGTOOL"/>
-  </logger>
-  <logger name="at.gv.egiz.components.configuration" level="info">
-    <appender-ref ref="CONFIGTOOL"/>
-  </logger>
-  <logger name="at.gv.egovernment.moa.id" level="info">
-    <appender-ref ref="moaid"/>
-  </logger>
-  <logger name="iaik.server" level="info">
-    <appender-ref ref="moaspss"/>
-  </logger>
-  <root level="warn">
-    <appender-ref ref="stdout"/>
-  </root>
-</configuration>
diff --git a/id/server/data/deploy/tomcat/unix/tomcat-start.sh b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
index d717ecd25..0ad50ff0e 100644
--- a/id/server/data/deploy/tomcat/unix/tomcat-start.sh
+++ b/id/server/data/deploy/tomcat/unix/tomcat-start.sh
@@ -7,8 +7,7 @@ export CATALINA_BASE=$CATALINA_HOME
 FILE_ENCODING=-Dfile.encoding=UTF-8
 RAND_FILE=-Djava.security.egd=file:///dev/urandom
 
-LOGGING_OPT=-Dlog4j.configuration=file:$CATALINA_BASE/conf/moa-id/log4j.properties
-LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback_config.xml
+LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=$CATALINA_BASE/conf/moa-id/logback.xml
 
 CONFIG_OPT=-Dmoa.id.configuration=file:$CATALINA_BASE/conf/moa-id/moa-id.properties
 SPSS_OPT=-Dmoa.spss.server.configuration=$CATALINA_BASE/conf/moa-spss/SampleMOASPSSConfiguration.xml
diff --git a/id/server/data/deploy/tomcat/win32/startTomcat.bat b/id/server/data/deploy/tomcat/win32/startTomcat.bat
index afdd907c8..93eb3ea80 100644
--- a/id/server/data/deploy/tomcat/win32/startTomcat.bat
+++ b/id/server/data/deploy/tomcat/win32/startTomcat.bat
@@ -12,8 +12,7 @@ rem ----------------------------------------------------------------------------
 set FILE_ENCODING=-Dfile.encoding=UTF-8
 set RAND_FILE=-Djava.security.egd=file:///dev/urandom
 
-set LOGGING_OPT=-Dlog4j.configuration=file:%CATALINA_HOME%/conf/moa-id/log4j.properties
-set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback_config.xml
+set LOGGING_LOGBACK_OPT=-Dlogback.configurationFile=%CATALINA_HOME%/conf/moa-id/logback.xml
 
 set CONFIG_OPT_SPSS=-Dmoa.spss.server.configuration=%CATALINA_HOME%/conf/moa-spss/SampleMOASPSSConfiguration.xml
 set CONFIG_OPT_ID=-Dmoa.id.configuration=file:%CATALINA_HOME%/conf/moa-id/moa-id.properties
diff --git a/id/server/doc/handbook/install/install.html b/id/server/doc/handbook/install/install.html
index bcd802b75..4f9214cbd 100644
--- a/id/server/doc/handbook/install/install.html
+++ b/id/server/doc/handbook/install/install.html
@@ -7,7 +7,7 @@
   <link rel="stylesheet" href="../common/MOA.css" type="text/css">
   <link href='https://fonts.googleapis.com/css?family=Roboto:300,400' rel='stylesheet' type='text/css'>
 </head>
-<body link="#990000"> 
+<body link="#990000">
    <div id="headline">
       <div class="container">
           <a href="http://www.digitales.oesterreich.gv.at/"><img src="../common/logo_digAT.png"/></a>
@@ -16,65 +16,65 @@
       </div>
   </div>
 <div class="container">
-<h1  align="center">Installation</h1> 
+<h1  align="center">Installation</h1>
   <h2>Inhalt</h2>
-  <ol class="index"> 
-    <li> 
-      <p><a href="#webservice">MOA-ID-Auth und MOA-ID-Configuration</a></p> 
-      <ol> 
-        <li><a href="#webservice_basisinstallation">Basisinstallation</a> 
-          <ol> 
-            <li><a href="#webservice_basisinstallation_einfuehrung">Einf&uuml;hrung</a></li> 
-            <li><a href="#webservice_basisinstallation_installation">Installation</a> 
-              <ol> 
-                <li><a href="#webservice_basisinstallation_installation_vorbereitung">Vorbereitung</a></li> 
-                <li><a href="#webservice_basisinstallation_installation_tomcatconfig">Konfiguration von Apache Tomcat</a> 
-                  <ol> 
-                    <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpconn">Konfiguration des HTTP Connectors</a></li> 
-                    <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpsconn">Konfiguration des HTTPS Connectors</a></li> 
-                  </ol> 
-                </li> 
+  <ol class="index">
+    <li>
+      <p><a href="#webservice">MOA-ID-Auth und MOA-ID-Configuration</a></p>
+      <ol>
+        <li><a href="#webservice_basisinstallation">Basisinstallation</a>
+          <ol>
+            <li><a href="#webservice_basisinstallation_einfuehrung">Einf&uuml;hrung</a></li>
+            <li><a href="#webservice_basisinstallation_installation">Installation</a>
+              <ol>
+                <li><a href="#webservice_basisinstallation_installation_vorbereitung">Vorbereitung</a></li>
+                <li><a href="#webservice_basisinstallation_installation_tomcatconfig">Konfiguration von Apache Tomcat</a>
+                  <ol>
+                    <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpconn">Konfiguration des HTTP Connectors</a></li>
+                    <li><a href="#webservice_basisinstallation_installation_tomcatconfig_httpsconn">Konfiguration des HTTPS Connectors</a></li>
+                  </ol>
+                </li>
                 <li><a href="#webservice_basisinstallation_installation_spssdeploy">Einsatz des Moduls MOA-ID-Auth in Tomcat</a></li>
-                <li><a href="#moa_id_configuration_deploy">Einsatz des Moduls MOA-ID-Configuration in Tomcat</a></li> 
-                <li><a href="#webservice_basisinstallation_installation_tomcatstartstop">Starten und Stoppen von Tomcat</a> 
-                  <ol> 
-                    <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_windows">Unter Windows</a></li> 
-                    <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_unix">Unter Unix</a></li> 
-                    <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_verify">Pr&uuml;fen des erfolgreichen Starts</a> </li> 
-                  </ol> 
-                </li> 
-                <li><a href="#webservice_basisinstallation_installation_changeonthefly">&Auml;nderung der Konfiguration im laufenden Betrieb</a></li> 
-              </ol> 
-            </li> 
-            <li><a href="#webservice_basisinstallation_logging">Logging</a> 
-              <ol> 
-                <li><a href="#webservice_basisinstallation_logging_format">Format der Log-Meldungen</a></li> 
-                <li><a href="#webservice_basisinstallation_logging_messages">Wichtige Log-Meldungen</a></li> 
-              </ol> 
-            </li> 
-          </ol> 
-        </li> 
-        <li><a href="#webservice_erweiterungsmoeglichkeiten">Erweiterungsm&ouml;glichkeiten</a>          <ol> 
-            <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver">Vorgeschalteter Webserver</a>              <ol> 
-                <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis">Microsoft Internet Information Server (MS IIS)</a>                  <ol> 
-                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_jk">Konfiguration von <span class="term"> mod_jk</span> im MS IIS</a></li> 
-                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_tomcat">Konfiguration von Tomcat</a></li> 
-                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_ssl">Konfiguration von SSL</a></li> 
-                  </ol> 
-                </li> 
-                <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache">Apache</a>                  <ol> 
-                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_jk">Konfiguration von <span class="term"> mod_jk</span> im Apache </a></li> 
-                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_tomcat">Konfiguration von Tomcat</a></li> 
-                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_ssl">Konfiguration von SSL mit <span class="term">mod_SSL</span></a></li> 
-                    </ol> 
-                </li> 
+                <li><a href="#moa_id_configuration_deploy">Einsatz des Moduls MOA-ID-Configuration in Tomcat</a></li>
+                <li><a href="#webservice_basisinstallation_installation_tomcatstartstop">Starten und Stoppen von Tomcat</a>
+                  <ol>
+                    <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_windows">Unter Windows</a></li>
+                    <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_unix">Unter Unix</a></li>
+                    <li><a href="#webservice_basisinstallation_installation_tomcatstartstop_verify">Pr&uuml;fen des erfolgreichen Starts</a> </li>
+                  </ol>
+                </li>
+                <li><a href="#webservice_basisinstallation_installation_changeonthefly">&Auml;nderung der Konfiguration im laufenden Betrieb</a></li>
+              </ol>
+            </li>
+            <li><a href="#webservice_basisinstallation_logging">Logging</a>
+              <ol>
+                <li><a href="#webservice_basisinstallation_logging_format">Format der Log-Meldungen</a></li>
+                <li><a href="#webservice_basisinstallation_logging_messages">Wichtige Log-Meldungen</a></li>
+              </ol>
+            </li>
+          </ol>
+        </li>
+        <li><a href="#webservice_erweiterungsmoeglichkeiten">Erweiterungsm&ouml;glichkeiten</a>          <ol>
+            <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver">Vorgeschalteter Webserver</a>              <ol>
+                <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis">Microsoft Internet Information Server (MS IIS)</a>                  <ol>
+                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_jk">Konfiguration von <span class="term"> mod_jk</span> im MS IIS</a></li>
+                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_tomcat">Konfiguration von Tomcat</a></li>
+                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_iis_ssl">Konfiguration von SSL</a></li>
+                  </ol>
+                </li>
+                <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache">Apache</a>                  <ol>
+                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_jk">Konfiguration von <span class="term"> mod_jk</span> im Apache </a></li>
+                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_tomcat">Konfiguration von Tomcat</a></li>
+                    <li><a href="#webservice_erweiterungsmoeglichkeiten_webserver_apache_ssl">Konfiguration von SSL mit <span class="term">mod_SSL</span></a></li>
+                    </ol>
+                </li>
                 </ol>
             </li>
         </ol>
         </li>
-    </ol>     
+    </ol>
   </ol>
-  <ol type="A" class="index">	
+  <ol type="A" class="index">
     <li><a href="#referenzierte_software">Referenzierte Software</a></li>
 </ol>
   <h2><a name="uebersicht" id="uebersicht"></a>1 &Uuml;bersicht</h2>
@@ -95,7 +95,7 @@
     <li><a href="#referenziertesoftware">Java SE Update SE 7 (neuestes Update) bzw. Java SE 8 (neuestes Update)</a><a href="#referenziertesoftware"></a></li>
     <li><a href="#referenziertesoftware">Apache Tomcat 7 (neuestes Update) bzw. Apache Tomcat 8</a><a href="#referenziertesoftware"> (neuestes Update)</a></li>
 </ul>
-  <p>In diesem Betriebs-Szenario wird das MOA-ID-Auth Webservice und das MOA-ID Konfigurationstool in Tomcat zum Einsatz gebracht. Beide Module k&ouml;nnen sowohl in derselben Tomcat-Instanz, als auch in separaten Tomcat-Instanzen betrieben werden. F&uuml;r den Fall des separaten Betriebs muss die Installation auf beiden Tomcat-Instanzen ausgef&uuml;hrt werden. In beiden F&auml;llen fungiert der Tomcat gleichzeitig als HTTP- und HTTPS-Endpunkt f&uuml;r beide Module. Beide Protokolle werden direkt in Tomcat konfiguriert, wobei MOA-ID-Auth und MOA-ID-Configuration Log4j als Logging Toolkit verwenden.</p>
+  <p>In diesem Betriebs-Szenario wird das MOA-ID-Auth Webservice und das MOA-ID Konfigurationstool in Tomcat zum Einsatz gebracht. Beide Module k&ouml;nnen sowohl in derselben Tomcat-Instanz, als auch in separaten Tomcat-Instanzen betrieben werden. F&uuml;r den Fall des separaten Betriebs muss die Installation auf beiden Tomcat-Instanzen ausgef&uuml;hrt werden. In beiden F&auml;llen fungiert der Tomcat gleichzeitig als HTTP- und HTTPS-Endpunkt f&uuml;r beide Module. Beide Protokolle werden direkt in Tomcat konfiguriert, wobei MOA-ID-Auth und MOA-ID-Configuration LogBack als Logging Toolkit verwenden.</p>
 <h4><a name="webservice_basisinstallation_installation" id="webservice_basisinstallation_installation"></a>2.1.2 Installation</h4>
 <h5><a name="webservice_basisinstallation_installation_vorbereitung" id="webservice_basisinstallation_installation_vorbereitung"></a>2.1.2.1 Vorbereitung</h5>
 <p>Die folgenden Schritte dienen der Vorbereitung der Installation.</p>
@@ -108,9 +108,9 @@
   <dd> Entpacken Sie die Datei <code>moa-id-auth-3.0.0.zip</code> in ein beliebiges Verzeichnis. Dieses Verzeichnis wird im weiteren Verlauf als <code>$MOA_ID_AUTH_INST</code> bezeichnet. </dd>
   <dt>Installation der  Kryptographiebibliotheken von SIC/IAIK</dt>
   <dd>
-    <p>Kopieren Sie alle Dateien aus dem Verzeichnis <code>$MOA_ID_AUTH_INST/ext</code> in das Verzeichnis <code>$JAVA_HOME/jre/lib/ext</code>. Zus&auml;tzlich m&uuml;ssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden <span class="term">Unlimited Strength 
-	  
-	  
+    <p>Kopieren Sie alle Dateien aus dem Verzeichnis <code>$MOA_ID_AUTH_INST/ext</code> in das Verzeichnis <code>$JAVA_HOME/jre/lib/ext</code>. Zus&auml;tzlich m&uuml;ssen Sie die Rechtedateien Ihrer Java SE austauschen. Laden Sie dazu die passenden <span class="term">Unlimited Strength
+
+
     Jurisdiction Policy Files</span> von der <a href="http://java.com/download" target="_blank">Java SE Downloadseite </a>und achten Sie darauf die f&uuml;r ihre verwendete Java SE Installation richtige Version zu nehmen. Anschlie&szlig;end folgen Sie der darin enthaltenen Installationsanweisung. </p>
   </dd>
   <dt>Installation einer Datenbank</dt>
@@ -142,8 +142,7 @@
     <li id="klein"><code>moa.id.configuration</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r MOA-ID-Auth. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../deploy/conf/moa-id/moa-id.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
         <li><code>moa.spss.server.configuration</code>: Pfad und Name der zentralen Konfigurationsdatei f&uuml;r MOA SP/SS. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-spss/SampleMOASPSSConfiguration.xml">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/conf</code> enthaltene Default-Konfiguration herangezogen.</li>
         <li><code>eu.stork.samlengine.config.location</code>: Pfad auf den Ordner mit den zentralen Konfigurationsdateien f&uuml;r STORK. Die Beispielkonfiguration f&uuml;r das Modul MOA-ID-Auth enth&auml;lt bereits den<a href="../../../conf/moa-id/stork/"> Ordner f&uuml;r die STORK Konfiguration</a>. </li>
-        <li id="klein"><code>log4j.configuration</code>: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie <a href="../../../conf/moa-id/log4j.properties">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen.</li>
-        <li><code>-Dlogback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback_config.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>). </li>
+        <li><code>-Dlogback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>). </li>
         <li id="klein"><code>javax.net.ssl.trustStore</code>: Pfad und Dateiname des <span class="term">Truststores</span> f&uuml;r vertrauensw&uuml;rdige SSL Zertifikate. Die SSL Serverzertifikate der Server von denen mittels https Dateien bezogen werden m&uuml;ssen im Truststore abgelegt werden. Ein relativer Pfad werden relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
         <li id="klein"><code>javax.net.ssl.trustStorePassword</code>: Passwort f&uuml;r den <span class="term">Truststore</span> (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). </li>
         <li id="klein"><code>javax.net.ssl.trustStoreType</code>: Truststore-Typ (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). Je nach verwendetem Keystore-Typ muss <code>jks</code> (<span class="term">Java Key Store</span>) oder <code>pkcs12</code> (PKCS#12-Datei) angegeben werden.</li>
@@ -161,8 +160,7 @@
     <ul>
       <li><code>moa.id.webconfig</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r MOA-ID-Configuration. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-id-configuration/moa-id-configtool.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
       <li><code>user.properties</code>: Pfad und Name der Basiskonfigurationsdatei f&uuml;r das Usermanagement der Konfigurationsoberfl&auml;che. Eine beispielhafte Konfigurationsdatei finden Sie <a href="../../../conf/moa-id-configuration/userdatabase.properties">hier</a>. Wird ein relativer Pfad angegeben, wird dieser relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
-      <li><code>log4j.configuration</code>: URL der Log4j Konfigurationsdatei. Eine beispielhafte Log4j-Konfiguration finden Sie <a href="../../../conf/moa-id/log4j.properties">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen.</li>
-      <li><code>logback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback_config.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>).</li>
+      <li><code>logback.configurationFile</code>: URL der LogBack Konfigurationsdatei. Eine beispielhafte LobBack-Konfiguration finden Sie <a href="../../../conf/moa-id/logback.xml">hier</a>. Wird eine relative URL angegeben, wird diese als File-URL relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert. Ist diese <span class="term">System Property</span> nicht gesetzt, wird automatisch eine im Webarchiv unter <code>WEB-INF/classes</code> enthaltene Default-Konfiguration herangezogen. &Uuml;berdies besteht die M&ouml;glichkeit eine bestehende Log44 Konfigurationsdatei in der LogBack Format zu &uuml;berf&uuml;hren (<a href="http://logback.qos.ch/translator/">http://logback.qos.ch/translator/</a>).</li>
       <li><code>javax.net.ssl.trustStore</code>: Pfad und Dateiname des <span class="term">Truststores</span> f&uuml;r vertrauensw&uuml;rdige SSL Zertifikate Die SSL Serverzertifikate der Server von denen mittels https Dateien bezogen werden m&uuml;ssen im Truststore abgelegt werden. Ein relativer Pfad werden relativ zum Startverzeichnis der <span class="term">Java Virtual Machine</span> interpretiert.</li>
       <li><code>javax.net.ssl.trustStorePassword</code>: Passwort f&uuml;r den <span class="term">Truststore</span> (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). </li>
       <li><code>javax.net.ssl.trustStoreType</code>: Truststore-Typ (optional; nur, wenn SSL Client-Authentisierung durchgef&uuml;hrt werden soll). Je nach verwendetem Keystore-Typ muss <code>jks</code> (<span class="term">Java Key Store</span>) oder <code>pkcs12</code> (PKCS#12-Datei) angegeben werden.</li>
@@ -186,7 +184,7 @@ gestartet werden. Das Stoppen von Tomcat erfolgt analog mit
   <p>Ein erfolgreicher Start des MOA-ID-Auth Modules ist an folgender Log-Meldung ersichtlich: <br>
   </p>
 </div>
-<pre>32131 [localhost-startStop-1] INFO moa.id.auth  - MOA ID Authentisierung wurde erfolgreich gestartet 
+<pre>32131 [localhost-startStop-1] INFO moa.id.auth  - MOA ID Authentisierung wurde erfolgreich gestartet
 32131 [localhost-startStop-1] INFO moa.id.auth  - Dispatcher Servlet initialization finished.</pre>
 <p>Analog bei MOA-ID-Configuration</p>
 <pre>INFO | 21 10:16:22 | localhost-startStop-1 | Loading config module: MOAIDConfigurationModul</pre>
@@ -202,7 +200,7 @@ https://&lt;host&gt;:&lt;port&gt;/moa-id-auth/
 https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
 <p>Die Verf&uuml;gbarkeit des Services k&ouml;nnen Sie einfach &uuml;berpr&uuml;fen, indem Sie die Endpunkte mit einem Web-Browser aufgerufen; dies sollte nach erfolgreichem Start zur Anzeige einer Informationsseite f&uuml;hren. </p>
 <h5><a name="webservice_basisinstallation_logging" id="webservice_basisinstallation_logging"></a>2.1.3 Logging </h5>
-<p>Beide Module verwenden <a href="#referenziertesoftware">Log4j</a> f&uuml;r die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. Log4j bietet zahlreiche Konfigurationsm&ouml;glichkeiten, die ausf&uuml;hrlich im Log4j Handbuch  beschrieben sind. Unter anderem gibt es die M&ouml;glichkeit, folgende Einstellungen vorzunehmen:
+<p>Beide Module verwenden <a href="#referenziertesoftware">LobBack</a> f&uuml;r die Ausgabe von Log-Meldungen am Bildschirm bzw. in Log-Dateien. LogBack bietet zahlreiche Konfigurationsm&ouml;glichkeiten, die ausf&uuml;hrlich im LogBack Handbuch  beschrieben sind. Unter anderem gibt es die M&ouml;glichkeit, folgende Einstellungen vorzunehmen:
 <ul>
       <li id="klein">
         <p>Das verwendete Log-Level (<code>DEBUG</code>, <code>INFO</code>, <code>WARN</code>, <code>ERROR</code>, <code>FATAL</code>);</p>
@@ -228,16 +226,16 @@ https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
     </li>
     <li>
       <p><code>at.gv.egiz.eventlog.plain.all</code> f&uuml;r alle Log-Meldungen aus dem MOA-ID EventLog zur Revisionssicherung</p>
-    </li>    
+    </li>
     <li>
       <p><code>iaik.server</code> f&uuml;r alle Log-Meldungen aus den SIC/IAIK Kryptographie-Modulen. </p>
     </li>
 </ul>
-<p>Eine f&uuml;r beide Module passende Konfigurationsdatei f&uuml;r Log4j finden Sie <a href="../../../conf/moa-spss/log4j.properties">hier</a>. Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Dateien <code>moa-id-auth.log</code> und <code>moa-id-configuration.log</code> geschrieben. </p>
+<p>Wird diese Datei als Logging-Konfiguration verwendet, so werden alle Log-Meldungen sowohl in die Konsole, als auch in die Dateien <code>moa-id-auth.log</code> und <code>moa-id-configuration.log</code> geschrieben. </p>
   <h5><a name="webservice_basisinstallation_logging_format" id="webservice_basisinstallation_logging_format"></a>2.1.3.1 Format der Log-Meldungen</h5>
-      <p> Anhand einer konkreten Log-Meldung wird das Format der MOA SP/SS Log-Meldungen erl&auml;utert:      </p>
+      <p> Anhand einer konkreten Log-Meldung wird das Format der MOA-ID-Meldungen erl&auml;utert:      </p>
       <pre>
- INFO | 2017-09-18 10:29:22,904 | SID-7947921060553739539 | TID-4708232418268334030 | https://sso.demosp.at/handysignatur 
+ INFO | 2017-09-18 10:29:22,904 | SID-7947921060553739539 | TID-4708232418268334030 | https://sso.demosp.at/handysignatur
       | ajp-nio-28109-exec-7 | No SSO Session cookie found
 </pre>
 <p>    Der Wert <code>INFO</code> besagt, dass die Log-Meldung im Log-Level <code>INFO</code> entstanden ist. Folgende Log-Levels existieren:</p>
@@ -259,19 +257,19 @@ https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
       </li>
     </ul>
     <p>Der n&auml;chste Wert <code>01 21:25:26,540</code> gibt den Zeitpunkt an, zu dem die Log-Meldung generiert wurde (in diesem Fall den 1. Tag im aktuellen Monat, sowie die genaue Uhrzeit). </p>
-    <p>Der Wert <code>SID-7947921060553739539</code> bezeichnet die SessionID, welche diesem Request zugeordnet wurde. Eine SessionID ist innerhalb einer SSO auch &uuml;ber mehrere Authentifizierungsrequests eindeutig. Das Loggen der SessionID kann mittels <code>%X{sessionId}</code> in der log4j Konfiguration gesetzt werden</p>
-  <p>Der Wert <code>TID-4708232418268334030</code> bezeichnet die TransactionsID, welche diesem Request zugeordnet wurde. Eine TransactionsID ist innerhalb eines Authentifizierungsrequests eindeutig. Das Loggen der TransactionsID kann mittels <code>%X{transactionId}</code> in der log4j Konfiguration gesetzt werden</p>
-    <p>Der Wert <code>https://sso.demosp.at/handysignatur</code> bezeichnet die Online Applikation (eindeutiger Identifier dieses Service Providers) f&uuml;r welchen dieser Authentifizierungsrequest durchgef&uuml;hrt wird. Das Loggen des OA Identifiers kann mittels <code>%X{oaId}</code> in der log4j Konfiguration gesetzt werden</p>
+    <p>Der Wert <code>SID-7947921060553739539</code> bezeichnet die SessionID, welche diesem Request zugeordnet wurde. Eine SessionID ist innerhalb einer SSO auch &uuml;ber mehrere Authentifizierungsrequests eindeutig. Das Loggen der SessionID kann mittels <code>%X{sessionId}</code> in der LogBack Konfiguration gesetzt werden</p>
+  <p>Der Wert <code>TID-4708232418268334030</code> bezeichnet die TransactionsID, welche diesem Request zugeordnet wurde. Eine TransactionsID ist innerhalb eines Authentifizierungsrequests eindeutig. Das Loggen der TransactionsID kann mittels <code>%X{transactionId}</code> in der LogBack Konfiguration gesetzt werden</p>
+    <p>Der Wert <code>https://sso.demosp.at/handysignatur</code> bezeichnet die Online Applikation (eindeutiger Identifier dieses Service Providers) f&uuml;r welchen dieser Authentifizierungsrequest durchgef&uuml;hrt wird. Das Loggen des OA Identifiers kann mittels <code>%X{oaId}</code> in der LogBack Konfiguration gesetzt werden</p>
     <p>Der Wert <code>ajp-nio-28109-exec-7</code> bezeichnet den Thread, von dem die Anfrage bearbeitet wird.</p>
     <p>      Der Rest der Zeile einer Log-Meldung ist der eigentliche Text, mit dem das System bestimmte Informationen anzeigt. Im Fehlerfall ist h&auml;ufig ein Java Stack-Trace angef&uuml;gt, der eine genauere Ursachen-Forschung erm&ouml;glicht.</p>
 <h5>      <a name="webservice_basisinstallation_logging_messages" id="webservice_basisinstallation_logging_messages"></a>2.1.3.2 Wichtige Log-Meldungen</h5>
     <p>      Neben den im Abschnitt <a href="#webservice_basisinstallation_installation_tomcatstartstop_verify">2.1.2.4.3</a> beschriebenen Log-Meldungen, die anzeigen, ob das Service ordnungsgem&auml;&szlig; gestartet wurde, geben nachfolgenden Log-Meldungen Aufschluss &uuml;ber die Abarbeitung von Anfragen. </p>
     <p>Die Entgegennahme einer Anfrage wird angezeigt durch:
-      
+
   </p>
     <pre>125690 [ajp-bio-129.27.142.119-38609-exec-1] INFO moa.id.auth  - REQUEST: /moa-id-auth/dispatcher
 125690 [ajp-bio-129.27.142.119-38609-exec-1] INFO moa.id.auth  - QUERY  : mod=id_pvp2x&amp;action=Post&amp;</pre>
-<p>Ein Fehler beim Abarbeiten der Anfrage wird angezeigt durch:  
+<p>Ein Fehler beim Abarbeiten der Anfrage wird angezeigt durch:
 <pre>2435298 [ajp-bio-129.27.142.119-38609-exec-10] ERROR moa.id.auth  - Failed to generate a valid protocol request!</pre>
   <div id="block">
     <p>In diesem Fall gibt der mitgeloggte Stacktrace Auskunft &uuml;ber die Art des Fehlers.</p>
@@ -318,7 +316,7 @@ https://&lt;host&gt;:&lt;port&gt;/egiz-configuration-webapp/</pre>
     <td>Java Standard Edition (Software Development Kit bzw. Java Runtime Environment) </td>
   </tr>
   <tr>
-    <td><a href="http://logging.apache.org/log4j/1.2/" target="_blank"> Log4J </a></td>
+    <td><a href="http://logback.qos.ch/" target="_blank"> LogBack </a></td>
     <td>Logging Framework </td>
   </tr>
 </table>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 446c11437..56af92d73 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -182,12 +182,11 @@
 		</dependency>
 		<dependency>
     		<groupId>org.apache.logging.log4j</groupId>
-    		<artifactId>log4j-slf4j-impl</artifactId>    	
+    		<artifactId>log4j-1.2-api</artifactId>
 		</dependency>
-
 		<dependency>
     		<groupId>org.apache.logging.log4j</groupId>
-    		<artifactId>log4j-1.2-api</artifactId>
+    		<artifactId>log4j-to-slf4j</artifactId>
 		</dependency>
 
 		<dependency>
-- 
cgit v1.2.3


From 81df147ba8fbc6d2772d0ccd23b329683c625469 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 20 Dec 2021 08:18:38 +0100
Subject: switch to next release-candidate version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 09e569ff0..382e85c67 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 2ed05cad4..9acced17d 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 3b9ad82db..54b40d28a 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 56af92d73..2702a9b4d 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index c5055579d..af8b4ca06 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 85deb3bc3..3f6a4c3b9 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index 3ed24aa40..63da8b22f 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index 75be84014..1a494f00d 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 2ad472cbe..6c5872596 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index a99a45e6e..6a8f4a8e2 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index e61236e7f..02fa14877 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index d5a58f113..482436703 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index a6f5a2c83..000ea8e75 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 1ef6908c4..536622157 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index 13be03c0e..e2b60d1b7 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 38fe3bb14..502befc6c 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 1aeea25bb..3c33635c9 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 986729a66..465454041 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 748a1144a..39af193cb 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 552abc3a2..2dd6759a3 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.1.8-SNAPSHOT</version>
+    <version>4.2.0-RC1</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index dd5d6b707..2070bc32b 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index a265c0486..740572189 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.1.8-SNAPSHOT</version>
+		<version>4.2.0-RC1</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index 5ecb68a0d..e5b3e184e 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.1.8-SNAPSHOT</version>
+        <version>4.2.0-RC1</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3


From b8bad8ba6c5fa6e1a32296c63736fabd8e569195 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 20 Dec 2021 10:51:58 +0100
Subject: update default logger configuration

---
 id/server/auth-edu/src/main/resources/logback.xml   |  4 ++--
 id/server/auth-final/src/main/resources/logback.xml | 10 +++++-----
 2 files changed, 7 insertions(+), 7 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/src/main/resources/logback.xml b/id/server/auth-edu/src/main/resources/logback.xml
index 3f0d54fe5..582f6d44c 100644
--- a/id/server/auth-edu/src/main/resources/logback.xml
+++ b/id/server/auth-edu/src/main/resources/logback.xml
@@ -30,13 +30,13 @@
   </appender>
   <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
     <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/moa-id-reversion.log</File>
+    <File>${catalina.base}/logs/moa-id-reversion.log</File>
     <encoder>
       <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
     </encoder>
     <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
       <maxIndex>9999</maxIndex>
-      <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i.gz</FileNamePattern>
+      <FileNamePattern>${catalina.base}/logs/moa-id-reversion.log.%i.gz</FileNamePattern>
     </rollingPolicy>
     <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
       <MaxFileSize>10000KB</MaxFileSize>
diff --git a/id/server/auth-final/src/main/resources/logback.xml b/id/server/auth-final/src/main/resources/logback.xml
index e5394d87a..0e86d3c68 100644
--- a/id/server/auth-final/src/main/resources/logback.xml
+++ b/id/server/auth-final/src/main/resources/logback.xml
@@ -8,7 +8,7 @@
     </encoder>
     <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
       <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i</FileNamePattern>
+      <FileNamePattern>${catalina.base}/logs/moa-id.log.%i.gz</FileNamePattern>
     </rollingPolicy>
     <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
       <MaxFileSize>10000KB</MaxFileSize>
@@ -22,7 +22,7 @@
     </encoder>
     <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
       <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i</FileNamePattern>
+      <FileNamePattern>${catalina.base}/logs/moa-spss.log.%i.gz</FileNamePattern>
     </rollingPolicy>
     <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
       <MaxFileSize>10000KB</MaxFileSize>
@@ -36,7 +36,7 @@
     </encoder>
     <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
       <maxIndex>1</maxIndex>
-      <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i</FileNamePattern>
+      <FileNamePattern>${catalina.base}/logs/moa-id-webgui.log.%i.gz</FileNamePattern>
     </rollingPolicy>
     <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
       <MaxFileSize>10000KB</MaxFileSize>
@@ -44,13 +44,13 @@
   </appender>
   <appender name="reversion" class="ch.qos.logback.core.rolling.RollingFileAppender">
     <!--See also http://logback.qos.ch/manual/appenders.html#RollingFileAppender-->
-    <File>${catalina.base}/moa-id-reversion.log</File>
+    <File>${catalina.base}/logs/moa-id-reversion.log</File>
     <encoder>
       <pattern>%5p | %d{ISO8601} | %t | %m%n</pattern>
     </encoder>
     <rollingPolicy class="ch.qos.logback.core.rolling.FixedWindowRollingPolicy">
       <maxIndex>9999</maxIndex>
-      <FileNamePattern>${catalina.base}/moa-id-reversion.log.%i</FileNamePattern>
+      <FileNamePattern>${catalina.base}/logs/moa-id-reversion.log.%i.gz</FileNamePattern>
     </rollingPolicy>
     <triggeringPolicy class="ch.qos.logback.core.rolling.SizeBasedTriggeringPolicy">
       <MaxFileSize>10000KB</MaxFileSize>
-- 
cgit v1.2.3


From 600369d4ffa753716a9572824de7a96a04cb05a7 Mon Sep 17 00:00:00 2001
From: Thomas Lenz <thomas.lenz@egiz.gv.at>
Date: Mon, 20 Dec 2021 10:58:20 +0100
Subject: switch to next release version

---
 id/server/auth-edu/pom.xml                                        | 2 +-
 id/server/auth-final/pom.xml                                      | 2 +-
 id/server/idserverlib/pom.xml                                     | 2 +-
 id/server/moa-id-commons/pom.xml                                  | 2 +-
 id/server/moa-id-frontend-resources/pom.xml                       | 2 +-
 id/server/moa-id-jaxb_classes/pom.xml                             | 2 +-
 id/server/moa-id-spring-initializer/pom.xml                       | 2 +-
 id/server/modules/moa-id-modul-citizencard_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml        | 2 +-
 id/server/modules/moa-id-module-E-ID_connector/pom.xml            | 2 +-
 id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml    | 2 +-
 id/server/modules/moa-id-module-dummyAuth/pom.xml                 | 2 +-
 id/server/modules/moa-id-module-eIDAS/pom.xml                     | 2 +-
 id/server/modules/moa-id-module-ehvd_integration/pom.xml          | 2 +-
 id/server/modules/moa-id-module-elga_mandate_service/pom.xml      | 2 +-
 id/server/modules/moa-id-module-openID/pom.xml                    | 2 +-
 id/server/modules/moa-id-module-sl20_authentication/pom.xml       | 2 +-
 id/server/modules/moa-id-module-ssoTransfer/pom.xml               | 2 +-
 id/server/modules/moa-id-modules-federated_authentication/pom.xml | 2 +-
 id/server/modules/moa-id-modules-saml1/pom.xml                    | 2 +-
 id/server/modules/module-monitoring/pom.xml                       | 2 +-
 id/server/modules/pom.xml                                         | 2 +-
 id/server/pom.xml                                                 | 2 +-
 23 files changed, 23 insertions(+), 23 deletions(-)

(limited to 'id/server')

diff --git a/id/server/auth-edu/pom.xml b/id/server/auth-edu/pom.xml
index 382e85c67..53cbacedf 100644
--- a/id/server/auth-edu/pom.xml
+++ b/id/server/auth-edu/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/auth-final/pom.xml b/id/server/auth-final/pom.xml
index 9acced17d..e83448eec 100644
--- a/id/server/auth-final/pom.xml
+++ b/id/server/auth-final/pom.xml
@@ -2,7 +2,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 	
 	<modelVersion>4.0.0</modelVersion>
diff --git a/id/server/idserverlib/pom.xml b/id/server/idserverlib/pom.xml
index 54b40d28a..995d15476 100644
--- a/id/server/idserverlib/pom.xml
+++ b/id/server/idserverlib/pom.xml
@@ -4,7 +4,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 
 	<groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-commons/pom.xml b/id/server/moa-id-commons/pom.xml
index 2702a9b4d..1cb2db257 100644
--- a/id/server/moa-id-commons/pom.xml
+++ b/id/server/moa-id-commons/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 	<artifactId>moa-id-commons</artifactId>
 	<name>moa-id-commons</name>
diff --git a/id/server/moa-id-frontend-resources/pom.xml b/id/server/moa-id-frontend-resources/pom.xml
index af8b4ca06..b0dac8718 100644
--- a/id/server/moa-id-frontend-resources/pom.xml
+++ b/id/server/moa-id-frontend-resources/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/moa-id-jaxb_classes/pom.xml b/id/server/moa-id-jaxb_classes/pom.xml
index 3f6a4c3b9..293ff0b77 100644
--- a/id/server/moa-id-jaxb_classes/pom.xml
+++ b/id/server/moa-id-jaxb_classes/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <groupId>MOA.id.server</groupId>
   <artifactId>moa-id-jaxb_classes</artifactId>
diff --git a/id/server/moa-id-spring-initializer/pom.xml b/id/server/moa-id-spring-initializer/pom.xml
index 63da8b22f..fb638a2c6 100644
--- a/id/server/moa-id-spring-initializer/pom.xml
+++ b/id/server/moa-id-spring-initializer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id</groupId>
     <artifactId>moa-id</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   
   <groupId>MOA.id.server</groupId>
diff --git a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
index 1a494f00d..b5d99d53d 100644
--- a/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
+++ b/id/server/modules/moa-id-modul-citizencard_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-modul-citizencard_authentication</artifactId>
   
diff --git a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
index 6c5872596..8ae8c9a63 100644
--- a/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
+++ b/id/server/modules/moa-id-module-AT_eIDAS_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-AT_eIDAS_connector</artifactId>
   <name>moa-id-module-AT_eIDAS_connector</name>
diff --git a/id/server/modules/moa-id-module-E-ID_connector/pom.xml b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
index 6a8f4a8e2..ac08879d3 100644
--- a/id/server/modules/moa-id-module-E-ID_connector/pom.xml
+++ b/id/server/modules/moa-id-module-E-ID_connector/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-EID_connector</artifactId>
   <name>moa-id-module-E-ID_connector</name>
diff --git a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
index 02fa14877..a190c861a 100644
--- a/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
+++ b/id/server/modules/moa-id-module-bkaMobilaAuthSAML2Test/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-bkaMobilaAuthSAML2Test</artifactId>
   <description>BKA MobileAuth Test for SAML2 applications</description>
diff --git a/id/server/modules/moa-id-module-dummyAuth/pom.xml b/id/server/modules/moa-id-module-dummyAuth/pom.xml
index 482436703..7b7e2d77e 100644
--- a/id/server/modules/moa-id-module-dummyAuth/pom.xml
+++ b/id/server/modules/moa-id-module-dummyAuth/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 	<artifactId>moa-id-module-dummy-authenticatiuon</artifactId>
   	<version>${moa-id-dummy-auth.version}</version>
diff --git a/id/server/modules/moa-id-module-eIDAS/pom.xml b/id/server/modules/moa-id-module-eIDAS/pom.xml
index 000ea8e75..fc73206a7 100644
--- a/id/server/modules/moa-id-module-eIDAS/pom.xml
+++ b/id/server/modules/moa-id-module-eIDAS/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-eIDAS</artifactId>
   <name>MOA-ID eIDAS Module</name>
diff --git a/id/server/modules/moa-id-module-ehvd_integration/pom.xml b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
index 536622157..15edb681e 100644
--- a/id/server/modules/moa-id-module-ehvd_integration/pom.xml
+++ b/id/server/modules/moa-id-module-ehvd_integration/pom.xml
@@ -6,7 +6,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 	<artifactId>moa-id-module-ehvd_integration</artifactId>
 	<version>${moa-id-ehvd_integration.version}</version>
diff --git a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
index e2b60d1b7..41da7ff51 100644
--- a/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
+++ b/id/server/modules/moa-id-module-elga_mandate_service/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-elga_mandate_service</artifactId>
   <version>${moa-id-module-elga_mandate_client}</version>
diff --git a/id/server/modules/moa-id-module-openID/pom.xml b/id/server/modules/moa-id-module-openID/pom.xml
index 502befc6c..f9ff3333b 100644
--- a/id/server/modules/moa-id-module-openID/pom.xml
+++ b/id/server/modules/moa-id-module-openID/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   
 	<artifactId>moa-id-module-openID</artifactId>
diff --git a/id/server/modules/moa-id-module-sl20_authentication/pom.xml b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
index 3c33635c9..d3a2cc94e 100644
--- a/id/server/modules/moa-id-module-sl20_authentication/pom.xml
+++ b/id/server/modules/moa-id-module-sl20_authentication/pom.xml
@@ -5,7 +5,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-sl20_authentication</artifactId>
   <name>moa-id-module-sl20_authentication</name>
diff --git a/id/server/modules/moa-id-module-ssoTransfer/pom.xml b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
index 465454041..70db729e1 100644
--- a/id/server/modules/moa-id-module-ssoTransfer/pom.xml
+++ b/id/server/modules/moa-id-module-ssoTransfer/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-module-ssoTransfer</artifactId>
   <name>MOA-ID_SSO_Transfer_modul</name>
diff --git a/id/server/modules/moa-id-modules-federated_authentication/pom.xml b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
index 39af193cb..4e72ede0c 100644
--- a/id/server/modules/moa-id-modules-federated_authentication/pom.xml
+++ b/id/server/modules/moa-id-modules-federated_authentication/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   <artifactId>moa-id-modules-federated_authentication</artifactId>
   <description>PVP2 ServiceProvider implementation for federated authentication</description>
diff --git a/id/server/modules/moa-id-modules-saml1/pom.xml b/id/server/modules/moa-id-modules-saml1/pom.xml
index 2dd6759a3..a05794be6 100644
--- a/id/server/modules/moa-id-modules-saml1/pom.xml
+++ b/id/server/modules/moa-id-modules-saml1/pom.xml
@@ -3,7 +3,7 @@
   <parent>
     <groupId>MOA.id.server.modules</groupId>
     <artifactId>moa-id-modules</artifactId>
-    <version>4.2.0-RC1</version>
+    <version>4.2.0</version>
   </parent>
   
 	<artifactId>moa-id-module-saml1</artifactId>
diff --git a/id/server/modules/module-monitoring/pom.xml b/id/server/modules/module-monitoring/pom.xml
index 2070bc32b..cd9c1087e 100644
--- a/id/server/modules/module-monitoring/pom.xml
+++ b/id/server/modules/module-monitoring/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id.server.modules</groupId>
 		<artifactId>moa-id-modules</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 
 	<artifactId>moa-id-module-monitoring</artifactId>
diff --git a/id/server/modules/pom.xml b/id/server/modules/pom.xml
index 740572189..7fd7107e9 100644
--- a/id/server/modules/pom.xml
+++ b/id/server/modules/pom.xml
@@ -5,7 +5,7 @@
 	<parent>
 		<groupId>MOA.id</groupId>
 		<artifactId>moa-id</artifactId>
-		<version>4.2.0-RC1</version>
+		<version>4.2.0</version>
 	</parent>
 
 	<groupId>MOA.id.server.modules</groupId>
diff --git a/id/server/pom.xml b/id/server/pom.xml
index e5b3e184e..8e9d1a14c 100644
--- a/id/server/pom.xml
+++ b/id/server/pom.xml
@@ -4,7 +4,7 @@
     <parent>
         <groupId>MOA</groupId>
         <artifactId>id</artifactId>
-        <version>4.2.0-RC1</version>
+        <version>4.2.0</version>
     </parent>
 
     <modelVersion>4.0.0</modelVersion>
-- 
cgit v1.2.3